VYPR

OpenBSD

by OpenBSD

Source repositories

CVEs (196)

  • CVE-2001-0378Jun 27, 2001
    risk 0.00cvss epss 0.00

    readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history files with insecure permissions, which allows a local attacker to recover potentially sensitive information via readline history files.

  • CVE-2001-1047Jun 2, 2001
    risk 0.00cvss epss 0.00

    Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor in one process, then…

  • CVE-2001-0268May 3, 2001
    risk 0.00cvss epss 0.01

    The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table…

  • CVE-2001-0284May 3, 2001
    risk 0.00cvss epss 0.03

    Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option.

  • CVE-2000-0309Mar 12, 2001
    risk 0.00cvss epss 0.00

    The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service.

  • CVE-2000-0313Mar 12, 2001
    risk 0.00cvss epss 0.00

    Vulnerability in OpenBSD 2.6 allows a local user to change interface media configurations.

  • CVE-2000-0310Mar 12, 2001
    risk 0.00cvss epss 0.01

    IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause a denial of service by sending a large number of fragmented packets.

  • CVE-2000-0312Mar 12, 2001
    risk 0.00cvss epss 0.01

    cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function.

  • CVE-2000-0995Dec 19, 2000
    risk 0.00cvss epss 0.01

    Format string vulnerability in OpenBSD yp_passwd program (and possibly other BSD-based operating systems) allows attackers to gain root privileges a malformed name.

  • CVE-2000-0962Dec 19, 2000
    risk 0.00cvss epss 0.02

    The IPSEC implementation in OpenBSD 2.7 does not properly handle empty AH/ESP packets, which allows remote attackers to cause a denial of service.

  • CVE-2000-0997Dec 19, 2000
    risk 0.00cvss epss 0.01

    Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges.

  • CVE-2000-0996Dec 19, 2000
    risk 0.00cvss epss 0.01

    Format string vulnerability in OpenBSD su program (and possibly other BSD-based operating systems) allows local attackers to gain root privileges via a malformed shell.

  • CVE-2000-1004Dec 11, 2000
    risk 0.00cvss epss 0.00

    Format string vulnerability in OpenBSD photurisd allows local users to execute arbitrary commands via a configuration file directory name that contains formatting characters.

  • CVE-2000-1010Dec 11, 2000
    risk 0.00cvss epss 0.05

    Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.

  • CVE-2000-0750Oct 20, 2000
    risk 0.00cvss epss 0.02

    Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name.

  • CVE-2000-0461May 29, 2000
    risk 0.00cvss epss 0.00

    The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call.

  • CVE-2000-0092Jan 19, 2000
    risk 0.00cvss epss 0.00

    The BSD make program allows local users to modify files via a symlink attack when the -j option is being used.

  • CVE-1999-0001Dec 30, 1999
    risk 0.00cvss epss 0.03

    ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets.

  • CVE-1999-0724Aug 12, 1999
    risk 0.00cvss epss 0.00

    Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function.

  • CVE-1999-0727Aug 6, 1999
    risk 0.00cvss epss 0.01

    A kernel leak in the OpenBSD kernel allows IPsec packets to be sent unencrypted.

Page 9 of 10