Filtered by vendor Openbsd
Subscribe
Total
319 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0572 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2023-12-10 | 7.5 HIGH | N/A |
The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: (1) password lengths or ranges of lengths, which simplifies brute force password guessing, (2) whether RSA or DSA authentication is being used, (3) the number of authorized_keys in RSA authentication, or (4) the lengths of shell commands. | |||||
CVE-1999-0323 | 4 Bsdi, Freebsd, Netbsd and 1 more | 4 Bsd Os, Freebsd, Netbsd and 1 more | 2023-12-10 | 10.0 HIGH | N/A |
FreeBSD mmap function allows users to modify append-only or immutable files. | |||||
CVE-2004-0175 | 1 Openbsd | 1 Openssh | 2023-12-10 | 4.3 MEDIUM | N/A |
Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992. | |||||
CVE-2000-0994 | 1 Openbsd | 1 Openbsd | 2023-12-10 | 7.2 HIGH | N/A |
Format string vulnerability in OpenBSD fstat program (and possibly other BSD-based operating systems) allows local users to gain root privileges via the PWD environmental variable. | |||||
CVE-2000-1010 | 2 Openbsd, Redhat | 2 Openbsd, Linux | 2023-12-10 | 10.0 HIGH | N/A |
Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters. | |||||
CVE-2003-0786 | 1 Openbsd | 1 Openssh | 2023-12-10 | 10.0 HIGH | N/A |
The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges. | |||||
CVE-2004-0819 | 1 Openbsd | 1 Openbsd | 2023-12-10 | 5.0 MEDIUM | N/A |
The bridge functionality in OpenBSD 3.4 and 3.5, when running a gateway configured as a bridging firewall with the link2 option for IPSec enabled, allows remote attackers to cause a denial of service (crash) via an ICMP echo (ping) packet. | |||||
CVE-2004-0106 | 2 Openbsd, Xfree86 Project | 2 Openbsd, X11r6 | 2023-12-10 | 7.2 HIGH | N/A |
Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084. | |||||
CVE-2000-0993 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2023-12-10 | 7.2 HIGH | N/A |
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd. | |||||
CVE-2004-1082 | 8 Apache, Apple, Avaya and 5 more | 14 Http Server, Apache Mod Digest Apple, Communication Manager and 11 more | 2023-12-10 | 7.5 HIGH | N/A |
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. | |||||
CVE-2002-0701 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2023-12-10 | 2.1 LOW | N/A |
ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace the process after its privileges have been lowered, which may allow the owner to obtain sensitive information that the process obtained while it was running with the extra privileges. | |||||
CVE-2000-0999 | 1 Openbsd | 1 Openssh | 2023-12-10 | 10.0 HIGH | N/A |
Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges. | |||||
CVE-2004-0218 | 1 Openbsd | 1 Openbsd | 2023-12-10 | 5.0 MEDIUM | N/A |
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (infinite loop) via an ISAKMP packet with a zero-length payload, as demonstrated by the Striker ISAKMP Protocol Test Suite. | |||||
CVE-1999-0724 | 1 Openbsd | 1 Openbsd | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function. | |||||
CVE-1999-0483 | 1 Openbsd | 1 Openbsd | 2023-12-10 | 2.1 LOW | N/A |
OpenBSD crash using nlink value in FFS and EXT2FS filesystems. | |||||
CVE-2004-0219 | 1 Openbsd | 1 Openbsd | 2023-12-10 | 5.0 MEDIUM | N/A |
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a malformed IPSEC SA payload, as demonstrated by the Striker ISAKMP Protocol Test Suite. | |||||
CVE-2001-0284 | 1 Openbsd | 1 Openbsd | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option. | |||||
CVE-2000-0914 | 1 Openbsd | 1 Openbsd | 2023-12-10 | 5.0 MEDIUM | N/A |
OpenBSD 2.6 and earlier allows remote attackers to cause a denial of service by flooding the server with ARP requests. | |||||
CVE-2004-0414 | 5 Cvs, Gentoo, Openbsd and 2 more | 5 Cvs, Linux, Openbsd and 2 more | 2023-12-10 | 10.0 HIGH | N/A |
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution. |