Total
193 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0955 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 4.6 MEDIUM | N/A |
OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, which leads to a stack-based buffer overflow. | |||||
CVE-2002-2180 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 6.8 MEDIUM | N/A |
The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, which allows local users to write to kernel memory and possibly gain root privileges, possibly via an integer signedness error. | |||||
CVE-2002-1219 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR). | |||||
CVE-2002-2188 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 4.9 MEDIUM | N/A |
OpenBSD before 3.2 allows local users to cause a denial of service (kernel crash) via a call to getrlimit(2) with invalid arguments, possibly due to an integer signedness error. | |||||
CVE-2000-0995 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 7.2 HIGH | N/A |
Format string vulnerability in OpenBSD yp_passwd program (and possibly other BSD-based operating systems) allows attackers to gain root privileges a malformed name. | |||||
CVE-1999-0798 | 5 Bsdi, Freebsd, Openbsd and 2 more | 7 Bsd Os, Freebsd, Openbsd and 4 more | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type. | |||||
CVE-2004-1799 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 7.5 HIGH | N/A |
PF in certain OpenBSD versions, when stateful filtering is enabled, does not limit packets for a session to the original interface, which allows remote attackers to bypass intended packet filters via spoofed packets to other interfaces. | |||||
CVE-2002-0766 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 7.2 HIGH | N/A |
OpenBSD 2.9 through 3.1 allows local users to cause a denial of service (resource exhaustion) and gain root privileges by filling the kernel's file descriptor table and closing file descriptors 0, 1, or 2 before executing a privileged process, which is not properly handled when OpenBSD fails to open an alternate descriptor. | |||||
CVE-1999-0396 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2024-02-28 | 2.6 LOW | N/A |
A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service. | |||||
CVE-2004-0219 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 5.0 MEDIUM | N/A |
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a malformed IPSEC SA payload, as demonstrated by the Striker ISAKMP Protocol Test Suite. | |||||
CVE-2000-0312 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 7.2 HIGH | N/A |
cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function. | |||||
CVE-2004-0171 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2024-02-28 | 5.0 MEDIUM | N/A |
FreeBSD 5.1 and earlier, and Mac OS X before 10.3.4, allows remote attackers to cause a denial of service (resource exhaustion of memory buffers and system crash) via a large number of out-of-sequence TCP packets, which prevents the operating system from creating new connections. | |||||
CVE-1999-0485 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 2.6 LOW | N/A |
Remote attackers can cause a system crash through ipintr() in ipq in OpenBSD. | |||||
CVE-2000-0489 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-02-28 | 2.1 LOW | N/A |
FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers. | |||||
CVE-2004-1471 | 6 Cvs, Freebsd, Gentoo and 3 more | 6 Cvs, Freebsd, Linux and 3 more | 2024-02-28 | 7.1 HIGH | N/A |
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line. | |||||
CVE-2001-1415 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 4.6 MEDIUM | N/A |
vi.recover in OpenBSD before 3.1 allows local users to remove arbitrary zero-byte files such as device nodes. | |||||
CVE-1999-0061 | 4 Bsdi, Freebsd, Linux and 1 more | 4 Bsd Os, Freebsd, Linux Kernel and 1 more | 2024-02-28 | 5.1 MEDIUM | N/A |
File creation and deletion, and remote execution, in the BSD line printer daemon (lpd). | |||||
CVE-1999-0062 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 7.2 HIGH | N/A |
The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage. | |||||
CVE-2004-2163 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 7.5 HIGH | N/A |
login_radius on OpenBSD 3.2, 3.5, and possibly other versions does not verify the shared secret in a response packet from a RADIUS server, which allows remote attackers to bypass authentication by spoofing server replies. | |||||
CVE-2001-1145 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-02-28 | 6.2 MEDIUM | N/A |
fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories. |