Filtered by vendor Openbsd
Subscribe
Total
320 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-2768 | 2 Netapp, Openbsd | 5 Hci Management Node, Hci Storage Node, Solidfire and 2 more | 2024-11-21 | 4.3 MEDIUM | N/A |
OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243. | |||||
CVE-2007-2243 | 1 Openbsd | 1 Openssh | 2024-11-21 | 5.0 MEDIUM | N/A |
OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483. | |||||
CVE-2007-2242 | 4 Freebsd, Ietf, Netbsd and 1 more | 4 Freebsd, Ipv6, Netbsd and 1 more | 2024-11-21 | 7.8 HIGH | N/A |
The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers. | |||||
CVE-2007-1365 | 1 Openbsd | 1 Openbsd | 2024-11-21 | 10.0 HIGH | N/A |
Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbitrary code via fragmented IPv6 packets due to "incorrect mbuf handling for ICMP6 packets." NOTE: this was originally reported as a denial of service. | |||||
CVE-2007-1352 | 8 Mandrakesoft, Openbsd, Redhat and 5 more | 14 Mandrake Linux, Mandrake Linux Corporate Server, Mandrake Multi Network Firewall and 11 more | 2024-11-21 | 3.8 LOW | N/A |
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. | |||||
CVE-2007-1351 | 7 Mandrakesoft, Openbsd, Redhat and 4 more | 11 Mandrake Linux, Mandrake Linux Corporate Server, Mandrake Multi Network Firewall and 8 more | 2024-11-21 | 8.5 HIGH | N/A |
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow. | |||||
CVE-2007-0343 | 1 Openbsd | 1 Openbsd | 2024-11-21 | 5.0 MEDIUM | N/A |
OpenBSD before 20070116 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via certain IPv6 ICMP (aka ICMP6) echo request packets. | |||||
CVE-2007-0085 | 1 Openbsd | 1 Openbsd | 2024-11-21 | 6.0 MEDIUM | N/A |
Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics driver for wscons in OpenBSD 3.9 and 4.0, when the kernel is compiled with the PCIAGP option and a non-AGP device is being used, allows local users to gain privileges via unspecified vectors, possibly related to agp_ioctl NULL pointer reference. | |||||
CVE-2006-6730 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2024-11-21 | 6.6 MEDIUM | N/A |
OpenBSD and NetBSD permit usermode code to kill the display server and write to the X.Org /dev/xf86 device, which allows local users with root privileges to reduce securelevel by replacing the System Management Mode (SMM) handler via a write to an SMRAM address within /dev/xf86 (aka the video card memory-mapped I/O range), and then launching the new handler via a System Management Interrupt (SMI), as demonstrated by a write to Programmed I/O port 0xB2. | |||||
CVE-2006-6397 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-11-21 | 4.4 MEDIUM | N/A |
Integer overflow in banner/banner.c in FreeBSD, NetBSD, and OpenBSD might allow local users to modify memory via a long banner. NOTE: CVE and multiple third parties dispute this issue. Since banner is not setuid, an exploit would not cross privilege boundaries in normal operations. This issue is not a vulnerability | |||||
CVE-2006-6164 | 1 Openbsd | 1 Openbsd | 2024-11-21 | 7.2 HIGH | N/A |
The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 and 4.0 does not properly remove duplicate environment variables, which allows local users to pass dangerous variables such as LD_PRELOAD to loading processes, which might be leveraged to gain privileges. | |||||
CVE-2006-5794 | 1 Openbsd | 1 Openssh | 2024-11-21 | 7.5 HIGH | N/A |
Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging vulnerabilities in the unprivileged process, which are not known to exist. | |||||
CVE-2006-5550 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2024-11-21 | 4.9 MEDIUM | N/A |
The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause a denial of service via unspecified vectors involving certain ioctl requests to /dev/crypto. | |||||
CVE-2006-5229 | 2 Novell, Openbsd | 2 Suse Linux, Openssh | 2024-11-21 | 2.6 LOW | N/A |
OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions, and possibly under limited configurations, allows remote attackers to determine valid usernames via timing discrepancies in which responses take longer for valid usernames than invalid ones, as demonstrated by sshtime. NOTE: as of 20061014, it appears that this issue is dependent on the use of manually-set passwords that causes delays when processing /etc/shadow due to an increased number of rounds. | |||||
CVE-2006-5218 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2024-11-21 | 4.6 MEDIUM | N/A |
Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl. | |||||
CVE-2006-5052 | 1 Openbsd | 1 Openssh | 2024-11-21 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort." | |||||
CVE-2006-5051 | 3 Apple, Debian, Openbsd | 4 Mac Os X, Mac Os X Server, Debian Linux and 1 more | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free. | |||||
CVE-2006-4925 | 1 Openbsd | 1 Openssh | 2024-11-21 | 5.0 MEDIUM | N/A |
packet.c in ssh in OpenSSH allows remote attackers to cause a denial of service (crash) by sending an invalid protocol sequence with USERAUTH_SUCCESS before NEWKEYS, which causes newkeys[mode] to be NULL. | |||||
CVE-2006-4924 | 1 Openbsd | 1 Openssh | 2024-11-21 | 7.8 HIGH | N/A |
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector. | |||||
CVE-2006-4436 | 1 Openbsd | 1 Openbsd | 2024-11-21 | 5.0 MEDIUM | N/A |
isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations (SA) with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote attackers to replay IPSec packets and bypass the replay protection. |