Openbsd » Openbsd : Security Vulnerabilities (CVSS score between 4 and 4.99)

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : Cve Number Descending Cve Number Ascending CVSS Score Descending Number Of Exploits Descending

Copy Results Download Results Select Table

#	CVE ID	CWE ID	# of Exploits	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
1	CVE-2011-0419	399		DoS	2011-05-16	2012-10-29	4.3	None	Remote	Medium	Not required	None	None	Partial
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
2	CVE-2010-4755	399		DoS	2011-03-02	2011-09-21	4.0	None	Remote	Low	Single system	None	None	Partial
The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
3	CVE-2010-4754	399		DoS	2011-03-02	2011-09-21	4.0	None	Remote	Low	Single system	None	None	Partial
The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.
4	CVE-2009-3572			DoS	2009-10-06	2009-10-08	4.9	None	Local	Low	Not required	None	None	Complete
OpenBSD 4.4, 4.5, and 4.6, when running on an i386 kernel, does not properly handle XMM exceptions, which allows local users to cause a denial of service (kernel panic) via unspecified vectors.
5	CVE-2009-0537	189	1	DoS Overflow	2009-03-09	2009-03-21	4.9	None	Local	Low	Not required	None	None	Complete
Integer overflow in the fts_build function in fts.c in libc in (1) OpenBSD 4.4 and earlier and (2) Microsoft Interix 6.0 build 10.0.6030.0 allows context-dependent attackers to cause a denial of service (application crash) via a deep directory tree, related to the fts_level structure member, as demonstrated by (a) du, (b) rm, (c) chmod, and (d) chgrp on OpenBSD; and (e) SearchIndexer.exe on Vista Enterprise.
6	CVE-2008-1215	264		Overflow +Priv	2008-03-08	2008-09-05	4.6	None	Local	Low	Not required	Partial	Partial	Partial
Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing "~" characters.
7	CVE-2006-6397			Overflow	2006-12-07	2008-09-05	4.4	User	Local	Medium	Not required	Partial	Partial	Partial
DISPUTED Integer overflow in banner/banner.c in FreeBSD, NetBSD, and OpenBSD might allow local users to modify memory via a long banner. NOTE: CVE and multiple third parties dispute this issue. Since banner is not setuid, an exploit would not cross privilege boundaries in normal operations. This issue is not a vulnerability.
8	CVE-2006-5550			DoS	2006-10-26	2008-09-05	4.9	None	Local	Low	Not required	None	None	Complete
The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause a denial of service via unspecified vectors involving certain ioctl requests to /dev/crypto.
9	CVE-2006-5218			DoS Overflow +Priv	2006-10-10	2008-09-05	4.6	User	Local	Low	Not required	Partial	Partial	Partial
Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl.
10	CVE-2006-4435			DoS	2006-08-28	2008-09-05	4.9	None	Local	Low	Not required	None	None	Complete
OpenBSD 3.8, 3.9, and possibly earlier versions allows context-dependent attackers to cause a denial of service (kernel panic) by allocating more semaphores than the default.
11	CVE-2006-0098				2006-01-06	2008-09-05	4.6	None	Local	Low	Not required	Partial	Partial	Partial
The dupfdopen function in sys/kern/kern_descrip.c in OpenBSD 3.7 and 3.8 allows local users to re-open arbitrary files by using setuid programs to access file descriptors using /dev/fd/.
12	CVE-2005-4351			Bypass	2005-12-31	2008-09-05	4.3	None	Local	Low	Single system	Partial	Partial	Partial
The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running.
13	CVE-2004-0482			Overflow	2004-07-07	2008-09-05	4.6	User	Local	Low	Not required	Partial	Partial	Partial
Multiple integer overflows in (1) procfs_cmdline.c, (2) procfs_fpregs.c, (3) procfs_linux.c, (4) procfs_regs.c, (5) procfs_status.c, and (6) procfs_subr.c in procfs for OpenBSD 3.5 and earlier allow local users to read sensitive kernel memory and possibly perform other unauthorized activities.
14	CVE-2004-0114			+Priv	2004-03-03	2008-09-05	4.6	User	Local	Low	Not required	Partial	Partial	Partial
The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges.
15	CVE-2003-0955			DoS Exec Code Overflow	2003-12-15	2008-09-10	4.6	User	Local	Low	Not required	Partial	Partial	Partial
OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, which leads to a stack-based buffer overflow.
16	CVE-2002-2188			DoS	2002-12-31	2008-09-05	4.9	None	Local	Low	Not required	None	None	Complete
OpenBSD before 3.2 allows local users to cause a denial of service (kernel crash) via a call to getrlimit(2) with invalid arguments, possibly due to an integer signedness error.
17	CVE-2001-1415				2001-11-13	2008-09-05	4.6	None	Local	Low	Not required	Partial	Partial	Partial
vi.recover in OpenBSD before 3.1 allows local users to remove arbitrary zero-byte files such as device nodes.
18	CVE-2000-1004			Exec Code	2000-12-11	2008-09-05	4.6	None	Local	Low	Not required	Partial	Partial	Partial
Format string vulnerability in OpenBSD photurisd allows local users to execute arbitrary commands via a configuration file directory name that contains formatting characters.
19	CVE-2000-0313				2001-03-12	2008-09-10	4.6	User	Local	Low	Not required	Partial	Partial	Partial
Vulnerability in OpenBSD 2.6 allows a local user to change interface media configurations.
20	CVE-1999-0724			Overflow	1999-08-12	2008-09-09	4.6	None	Local	Low	Not required	Partial	Partial	Partial
Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function.
21	CVE-1999-0303			Overflow	1998-05-21	2008-09-09	4.6	User	Local	Low	Not required	Partial	Partial	Partial
Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.

Total number of vulnerabilities : 21 Page : 1 (This Page)