Openbsd

Openbsd

196 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2002-1345

  • EPSS 2.13%
  • Veröffentlicht 23.12.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences.

7.5

CVE-2002-1219

  • EPSS 7.09%
  • Veröffentlicht 29.11.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).

5

CVE-2002-1220

  • EPSS 32.69%
  • Veröffentlicht 29.11.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size.

5

CVE-2002-1221

  • EPSS 3.66%
  • Veröffentlicht 29.11.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.

7.2

CVE-2000-1208

  • EPSS 0.05%
  • Veröffentlicht 12.08.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.

10

CVE-2002-0391

Exploit
  • EPSS 7.58%
  • Veröffentlicht 12.08.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array ...

7.5

CVE-2002-0414

  • EPSS 0.74%
  • Veröffentlicht 12.08.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload ...

5

CVE-2002-0514

Exploit
  • EPSS 2.09%
  • Veröffentlicht 12.08.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

PF in OpenBSD 3.0 with the return-rst rule sets the TTL to 128 in the RST packet, which allows remote attackers to determine if a port is being filtered because the TTL is different than the default TTL.

7.5

CVE-2002-0765

  • EPSS 0.6%
  • Veröffentlicht 12.08.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.

7.2

CVE-2002-0766

  • EPSS 0.18%
  • Veröffentlicht 12.08.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

OpenBSD 2.9 through 3.1 allows local users to cause a denial of service (resource exhaustion) and gain root privileges by filling the kernel's file descriptor table and closing file descriptors 0, 1, or 2 before executing a privileged process, which ...