CVEdetails.com the ultimate security vulnerability data source

OpenBSD: Security Vulnerabilities (CVSS score between 2 and 2.99)

| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | CVE-2011-4327 | 200 | | +Info | 2014-02-02 | 2014-02-21 | 2.1 | None | Local | Low | Not required | Partial | None | None | ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call. |
| 2 | CVE-2008-5161 | 200 | | +Info | 2008-11-19 | 2014-08-08 | 2.6 | None | Remote | High | Not required | Partial | None | None | Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors. |
| 3 | CVE-2006-5229 | 200 | | +Info | 2006-10-10 | 2011-08-26 | 2.6 | None | Remote | High | Not required | Partial | None | None | OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions, and possibly under limited configurations, allows remote attackers to determine valid usernames via timing discrepancies in which responses take longer for valid usernames than invalid ones, as demonstrated by sshtime. NOTE: as of 20061014, it appears that this issue is dependent on the use of manually-set passwords that causes delays when processing /etc/shadow due to an increased number of rounds. |
| 4 | CVE-2004-2230 | | | DoS Overflow | 2004-12-31 | 2008-09-05 | 2.1 | None | Local | Low | Not required | None | None | Partial | Heap-based buffer overflow in isakmpd on OpenBSD 3.4 through 3.6 allows local users to cause a denial of service (panic) and corrupt memory via IPSEC credentials on a socket. |
| 5 | CVE-2002-2280 | 16 | | | 2002-12-31 | 2008-09-05 | 2.1 | None | Local | Low | Not required | None | Partial | None | syslogd on OpenBSD 2.9 through 3.2 does not change the source IP address of syslog packets when the machine's IP address is changed without rebooting, e.g. via ifconfig, which can cause incorrect information to be sent to the syslog server. |
| 6 | CVE-2002-1915 | | | DoS | 2002-12-31 | 2008-09-05 | 2.1 | None | Local | Low | Not required | None | None | Partial | tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file. |
| 7 | CVE-2002-0701 | | | +Info | 2002-07-23 | 2008-09-10 | 2.1 | None | Local | Low | Not required | Partial | None | None | ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace the process after its privileges have been lowered, which may allow the owner to obtain sensitive information that the process obtained while it was running with the extra privileges. |
| 8 | CVE-2001-1559 | | | DoS | 2001-12-31 | 2008-09-05 | 2.1 | None | Local | Low | Not required | None | None | Partial | The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference. |
| 9 | CVE-2001-1029 | | | Bypass | 2001-09-20 | 2008-09-05 | 2.1 | None | Local | Low | Not required | Partial | None | None | libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or welcome files. |
| 10 | CVE-2001-0378 | | | | 2001-06-27 | 2008-09-10 | 2.1 | None | Local | Low | Not required | Partial | None | None | readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history files with insecure permissions, which allows a local attacker to recover potentially sensitive information via readline history files. |
| 11 | CVE-2000-0489 | | | DoS | 1999-09-05 | 2008-09-10 | 2.1 | None | Local | Low | Not required | None | None | Partial | FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers. |
| 12 | CVE-2000-0309 | | | DoS | 2001-03-12 | 2008-09-10 | 2.1 | None | Local | Low | Not required | None | None | Partial | The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service. |
| 13 | CVE-1999-1214 | 255 | | DoS | 1997-09-15 | 2011-03-10 | 2.1 | None | Local | Low | Not required | None | None | Partial | The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID. |
| 14 | CVE-1999-1010 | | | | 1999-12-14 | 2008-09-09 | 2.1 | None | Local | Low | Not required | Partial | None | None | An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy. |
| 15 | CVE-1999-0485 | | | | 1999-02-19 | 2008-09-09 | 2.6 | None | Remote | High | Not required | None | None | Partial | Remote attackers can cause a system crash through ipintr() in ipq in OpenBSD. |
| 16 | CVE-1999-0484 | | | Overflow | 1999-02-23 | 2008-09-09 | 2.1 | None | Local | Low | Not required | None | Partial | None | Buffer overflow in OpenBSD ping. |
| 17 | CVE-1999-0483 | | | | 1999-02-25 | 2008-09-09 | 2.1 | None | Local | Low | Not required | None | None | Partial | OpenBSD crash using nlink value in FFS and EXT2FS filesystems. |
| 18 | CVE-1999-0396 | | | DoS | 1999-02-17 | 2008-09-09 | 2.6 | None | Remote | High | Not required | None | None | Partial | A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service. |

Total number of vulnerabilities: 18 (page 1)