CVE-2008-1058
- EPSS 0.32%
- Published 28.02.2008 19:44:00
- Last modified 09.04.2025 00:30:58
The tcp_respond function in netinet/tcp_subr.c in OpenBSD 4.1 and 4.2 allows attackers to cause a denial of service (panic) via crafted TCP packets. NOTE: some of these details are obtained from third-party information.
CVE-2007-6700
- EPSS 3.3%
- Published 05.02.2008 02:00:00
- Last modified 09.04.2025 00:30:58
Cross-site scripting (XSS) vulnerability in cgi-bin/bgplg in the web interface for the BGPD daemon in OpenBSD 4.1 allows remote attackers to inject arbitrary web script or HTML via the cmd parameter.
CVE-2008-0384
- EPSS 0.18%
- Published 22.01.2008 20:00:00
- Last modified 09.04.2025 00:30:58
OpenBSD 4.2 allows local users to cause a denial of service (kernel panic) by calling the SIOCGIFRTLABEL IOCTL on an interface that does not have a route label, which triggers a NULL pointer dereference when the return value from the rtlabel_id2name ...
CVE-2007-5365
- EPSS 41.63%
- Published 11.10.2007 10:17:00
- Last modified 09.04.2025 00:30:58
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemo...
CVE-2007-1351
- EPSS 7.49%
- Published 06.04.2007 01:19:00
- Last modified 09.04.2025 00:30:58
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflo...
CVE-2007-1352
- EPSS 1.32%
- Published 06.04.2007 01:19:00
- Last modified 09.04.2025 00:30:58
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
- EPSS 38.72%
- Published 10.03.2007 21:19:00
- Last modified 09.04.2025 00:30:58
Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbitrary code via fragmented IPv6 packets due to "incorrect mbuf handling for ICMP6 packets." NOTE: this was originally reported as a denial of service.
- EPSS 1.85%
- Published 18.01.2007 02:28:00
- Last modified 09.04.2025 00:30:58
OpenBSD before 20070116 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via certain IPv6 ICMP (aka ICMP6) echo request packets.
- EPSS 0.22%
- Published 05.01.2007 11:28:00
- Last modified 09.04.2025 00:30:58
Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics driver for wscons in OpenBSD 3.9 and 4.0, when the kernel is compiled with the PCIAGP option and a non-AGP device is being used, allows local users to gain privileges via unspecif...
CVE-2006-6730
- EPSS 0.05%
- Published 26.12.2006 23:28:00
- Last modified 09.04.2025 00:30:58
OpenBSD and NetBSD permit usermode code to kill the display server and write to the X.Org /dev/xf86 device, which allows local users with root privileges to reduce securelevel by replacing the System Management Mode (SMM) handler via a write to an SM...