Vulnerabilities > Openbsd > Openbsd > 2.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-2180 | Unspecified vulnerability in Openbsd The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, which allows local users to write to kernel memory and possibly gain root privileges, possibly via an integer signedness error. | 6.8 |
| 2002-12-31 | CVE-2002-2092 | Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid. | 3.7 |
| 2002-12-31 | CVE-2002-1915 | Improper Locking vulnerability in multiple products tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file. | 5.5 |
| 2001-08-17 | CVE-2001-1145 | Directory Traversal Race Condition vulnerability in Multiple BSD FTS fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories. | 6.2 |
| 2001-08-14 | CVE-2001-0554 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. | 10.0 |
| 2001-07-07 | CVE-2001-1244 | Denial of Service vulnerability in Multiple Vendor Small TCP MSS Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. | 5.0 |
| 2001-06-27 | CVE-2001-0378 | Information Disclosure vulnerability in OpenBSD readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history files with insecure permissions, which allows a local attacker to recover potentially sensitive information via readline history files. | 2.1 |
| 2001-06-18 | CVE-2001-0402 | IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port. | 7.5 |
| 2001-06-18 | CVE-2001-0247 | Buffer Overflow vulnerability in Multiple Vendor BSD ftpd glob() Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. | 10.0 |
| 2001-06-02 | CVE-2001-1047 | Denial Of Service vulnerability in OpenBSD Dup2 VFS Race Condition Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor in one process, then setting the descriptor to NULL via a close in another process that is created via rfork. | 1.2 |