Openbsd ≫ Openbsd

mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.

The BSD make program allows local users to modify files via a symlink attack when the -j option is being used.

ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets.

FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers.

Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function.

The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.

A kernel leak in the OpenBSD kernel allows IPsec packets to be sent unencrypted.

OpenBSD, BSDI, and other Unix operating systems allow users to set chflags and fchflags on character and block devices.

Denial of service in "poll" in OpenBSD.

OpenBSD kernel crash through TSS handling, as caused by the crashme program.