Search Results (Refine Search)
- CPE Product Version: cpe:/o:openbsd:openbsd:3.9
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2007-0085 |
Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics driver for wscons in OpenBSD 3.9 and 4.0, when the kernel is compiled with the PCIAGP option and a non-AGP device is being used, allows local users to gain privileges via unspecified vectors, possibly related to agp_ioctl NULL pointer reference. Published: January 05, 2007; 6:28:00 AM -0500 |
V3.x:(not available) V2.0: 6.0 MEDIUM |
CVE-2006-6164 |
The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 and 4.0 does not properly remove duplicate environment variables, which allows local users to pass dangerous variables such as LD_PRELOAD to loading processes, which might be leveraged to gain privileges. Published: November 28, 2006; 8:28:00 PM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2006-5218 |
Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl. Published: October 10, 2006; 12:06:00 AM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2006-4435 |
OpenBSD 3.8, 3.9, and possibly earlier versions allows context-dependent attackers to cause a denial of service (kernel panic) by allocating more semaphores than the default. Published: August 28, 2006; 8:04:00 PM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2006-4436 |
isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations (SA) with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote attackers to replay IPSec packets and bypass the replay protection. Published: August 28, 2006; 8:04:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2006-4304 |
Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp driver. Published: August 23, 2006; 9:04:00 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |