Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 61 matching records.
Displaying matches 41 through 60.
Vuln ID Summary CVSS Severity
CVE-2001-0378

readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history files with insecure permissions, which allows a local attacker to recover potentially sensitive information via readline history files.

Published: June 27, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2001-0247

Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.

Published: June 18, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2001-0268

The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address.

Published: May 03, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2001-0284

Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option.

Published: May 03, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2000-0914

OpenBSD 2.6 and earlier allows remote attackers to cause a denial of service by flooding the server with ARP requests.

Published: December 19, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2000-0993

Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd.

Published: December 19, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0994

Format string vulnerability in OpenBSD fstat program (and possibly other BSD-based operating systems) allows local users to gain root privileges via the PWD environmental variable.

Published: December 19, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0995

Format string vulnerability in OpenBSD yp_passwd program (and possibly other BSD-based operating systems) allows attackers to gain root privileges a malformed name.

Published: December 19, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0996

Format string vulnerability in OpenBSD su program (and possibly other BSD-based operating systems) allows local attackers to gain root privileges via a malformed shell.

Published: December 19, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0997

Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges.

Published: December 19, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-1004

Format string vulnerability in OpenBSD photurisd allows local users to execute arbitrary commands via a configuration file directory name that contains formatting characters.

Published: December 11, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2000-1010

Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.

Published: December 11, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-1999-0001

ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets.

Published: December 30, 1999; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-1999-0674

The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.

Published: August 09, 1999; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-1999-0482

OpenBSD kernel crash through TSS handling, as caused by the crashme program.

Published: March 21, 1999; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-1999-0483

OpenBSD crash using nlink value in FFS and EXT2FS filesystems.

Published: February 25, 1999; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-1999-0484

Buffer overflow in OpenBSD ping.

Published: February 23, 1999; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-1999-0798

Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.

Published: December 04, 1998; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-1999-0052

IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash.

Published: November 04, 1998; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-1999-0062

The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage.

Published: August 03, 1998; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH