Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 64 matching records.
Displaying matches 41 through 60.
Vuln ID Summary CVSS Severity
CVE-2001-0247

Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.

Published: June 18, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2001-0268

The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address.

Published: May 03, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2001-0284

Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option.

Published: May 03, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2000-0312

cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function.

Published: March 12, 2001; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2001-0053

One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges.

Published: February 12, 2001; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2000-0914

OpenBSD 2.6 and earlier allows remote attackers to cause a denial of service by flooding the server with ARP requests.

Published: December 19, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2000-0993

Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd.

Published: December 19, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0994

Format string vulnerability in OpenBSD fstat program (and possibly other BSD-based operating systems) allows local users to gain root privileges via the PWD environmental variable.

Published: December 19, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0995

Format string vulnerability in OpenBSD yp_passwd program (and possibly other BSD-based operating systems) allows attackers to gain root privileges a malformed name.

Published: December 19, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0996

Format string vulnerability in OpenBSD su program (and possibly other BSD-based operating systems) allows local attackers to gain root privileges via a malformed shell.

Published: December 19, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0997

Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges.

Published: December 19, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-1004

Format string vulnerability in OpenBSD photurisd allows local users to execute arbitrary commands via a configuration file directory name that contains formatting characters.

Published: December 11, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2000-1010

Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.

Published: December 11, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2000-0750

Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name.

Published: October 20, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2000-0751

mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.

Published: October 20, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2000-0489

FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers.

Published: September 05, 1999; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-1999-0724

Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function.

Published: August 12, 1999; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-1999-0674

The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.

Published: August 09, 1999; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-1999-0727

A kernel leak in the OpenBSD kernel allows IPsec packets to be sent unencrypted.

Published: August 06, 1999; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-1999-0703

OpenBSD, BSDI, and other Unix operating systems allow users to set chflags and fchflags on character and block devices.

Published: August 03, 1999; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 3.6 LOW