Openbsd

Openbsd

201 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 1.14%
  • Veröffentlicht 15.12.2003 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:03:14

OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_...

  • EPSS 1.38%
  • Veröffentlicht 17.11.2003 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:02:51

The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starvation and panic) via a flood of spoofed ARP request...

  • EPSS 3.34%
  • Veröffentlicht 20.10.2003 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:02:38

The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that caus...

  • EPSS 20.08%
  • Veröffentlicht 06.10.2003 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:02:38

A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.

Exploit
  • EPSS 78.12%
  • Veröffentlicht 27.08.2003 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:02:15

Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to tr...

  • EPSS 0.33%
  • Veröffentlicht 11.04.2003 04:00:00
  • Zuletzt bearbeitet 16.06.2026 21:59:17

Integer signedness error in select() on OpenBSD 3.1 and earlier allows local users to overwrite arbitrary kernel memory via a negative value for the size parameter, which satisfies the boundary check as a signed integer, but is later used as an unsig...

Exploit
  • EPSS 1.91%
  • Veröffentlicht 31.03.2003 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:01:38

Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or...

Exploit
  • EPSS 15.03%
  • Veröffentlicht 25.03.2003 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:01:22

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via ...

  • EPSS 13.72%
  • Veröffentlicht 03.03.2003 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:01:28

ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cry...

  • EPSS 0.27%
  • Veröffentlicht 31.12.2002 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:00:17

tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file.