CVE-2009-0537
- EPSS 3.59%
- Veröffentlicht 09.03.2009 21:30:00
- Zuletzt bearbeitet 16.06.2026 23:05:15
Integer overflow in the fts_build function in fts.c in libc in (1) OpenBSD 4.4 and earlier and (2) Microsoft Interix 6.0 build 10.0.6030.0 allows context-dependent attackers to cause a denial of service (application crash) via a deep directory tree, ...
- EPSS 1.56%
- Veröffentlicht 04.03.2009 11:30:00
- Zuletzt bearbeitet 16.06.2026 23:05:47
The aspath_prepend function in rde_attr.c in bgpd in OpenBSD 4.3 and 4.4 allows remote attackers to cause a denial of service (application crash) via an Autonomous System (AS) advertisement containing a long AS path.
CVE-2008-4609
- EPSS 32.12%
- Veröffentlicht 20.10.2008 17:59:26
- Zuletzt bearbeitet 16.06.2026 22:58:09
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vect...
CVE-2008-2476
- EPSS 7.43%
- Veröffentlicht 03.10.2008 15:07:10
- Zuletzt bearbeitet 16.06.2026 22:53:50
The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origi...
CVE-2008-4247
- EPSS 4.05%
- Veröffentlicht 25.09.2008 19:25:18
- Zuletzt bearbeitet 16.06.2026 22:57:29
ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly other operating systems interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execu...
CVE-2008-1215
- EPSS 0.79%
- Veröffentlicht 09.03.2008 02:44:00
- Zuletzt bearbeitet 16.06.2026 22:51:14
Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via lon...
CVE-2008-1057
- EPSS 1.66%
- Veröffentlicht 28.02.2008 19:44:00
- Zuletzt bearbeitet 16.06.2026 22:50:53
The ip6_check_rh0hdr function in netinet6/ip6_input.c in OpenBSD 4.2 allows attackers to cause a denial of service (panic) via malformed IPv6 routing headers.
CVE-2008-1058
- EPSS 1.97%
- Veröffentlicht 28.02.2008 19:44:00
- Zuletzt bearbeitet 16.06.2026 22:50:53
The tcp_respond function in netinet/tcp_subr.c in OpenBSD 4.1 and 4.2 allows attackers to cause a denial of service (panic) via crafted TCP packets. NOTE: some of these details are obtained from third party information.
CVE-2007-6700
- EPSS 1.69%
- Veröffentlicht 05.02.2008 02:00:00
- Zuletzt bearbeitet 16.06.2026 22:48:36
Cross-site scripting (XSS) vulnerability in cgi-bin/bgplg in the web interface for the BGPD daemon in OpenBSD 4.1 allows remote attackers to inject arbitrary web script or HTML via the cmd parameter.
CVE-2008-0384
- EPSS 0.85%
- Veröffentlicht 22.01.2008 20:00:00
- Zuletzt bearbeitet 16.06.2026 22:49:30
OpenBSD 4.2 allows local users to cause a denial of service (kernel panic) by calling the SIOCGIFRTLABEL IOCTL on an interface that does not have a route label, which triggers a NULL pointer dereference when the return value from the rtlabel_id2name ...