Openbsd

Openbsd

201 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 7.25%
  • Veröffentlicht 20.10.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:06:10

Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a ...

  • EPSS 1.41%
  • Veröffentlicht 25.08.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:06:27

The bridge functionality in OpenBSD 3.4 and 3.5, when running a gateway configured as a bridging firewall with the link2 option for IPSec enabled, allows remote attackers to cause a denial of service (crash) via an ICMP echo (ping) packet.

  • EPSS 3.97%
  • Veröffentlicht 06.08.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:05:35

CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary...

  • EPSS 13.21%
  • Veröffentlicht 06.08.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:05:35

Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.

  • EPSS 3.07%
  • Veröffentlicht 06.08.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:05:36

Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consu...

  • EPSS 5.68%
  • Veröffentlicht 06.08.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:05:36

serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical prog...

  • EPSS 33.64%
  • Veröffentlicht 06.08.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:05:44

Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes...

  • EPSS 0.34%
  • Veröffentlicht 07.07.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:05:43

Multiple integer overflows in (1) procfs_cmdline.c, (2) procfs_fpregs.c, (3) procfs_linux.c, (4) procfs_regs.c, (5) procfs_status.c, and (6) procfs_subr.c in procfs for OpenBSD 3.5 and earlier allow local users to read sensitive kernel memory and pos...

  • EPSS 3.18%
  • Veröffentlicht 04.05.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:05:11

isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (infinite loop) via an ISAKMP packet with a zero-length payload, as demonstrated by the Striker ISAKMP Protocol Test Suite.

  • EPSS 3.11%
  • Veröffentlicht 04.05.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:05:11

isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a malformed IPSEC SA payload, as demonstrated by the Striker ISAKMP Protocol Test Suite.