Vulnerabilities > Openbsd > Openbsd > 3.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-03-04 | CVE-2008-1146 | A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka "Algorithm X3"), as used in OpenBSD 2.8 through 4.2, allows remote attackers to guess sensitive values such as DNS transaction IDs by observing a sequence of previously generated values. | 6.8 |
2007-01-18 | CVE-2007-0343 | Remote Denial Of Service vulnerability in OpenBSD ICMP6 Echo Request OpenBSD before 20070116 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via certain IPv6 ICMP (aka ICMP6) echo request packets. | 5.0 |
2005-12-31 | CVE-2005-4351 | Local Security vulnerability in kernel The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running. | 4.3 |
2005-05-31 | CVE-2005-0356 | Remote Denial Of Service vulnerability in Multiple Vendor TCP Timestamp PAWS Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. | 5.0 |
2005-05-02 | CVE-2005-0960 | Remote Denial Of Service vulnerability in Openbsd 3.5/3.6 Multiple vulnerabilities in the SACK functionality in (1) tcp_input.c and (2) tcp_usrreq.c OpenBSD 3.5 and 3.6 allow remote attackers to cause a denial of service (memory exhaustion or system crash). | 5.0 |
2005-05-02 | CVE-2005-0637 | Unspecified vulnerability in Openbsd 3.5/3.6 The copy functions in locore.s such as copyout in OpenBSD 3.5 and 3.6, and possibly other BSD based operating systems, may allow attackers to exceed certain address boundaries and modify kernel memory. | 5.0 |
2005-01-13 | CVE-2005-0740 | Remote Denial Of Service vulnerability in OpenBSD TCP Timestamp The TCP stack (tcp_input.c) in OpenBSD 3.5 and 3.6 allows remote attackers to cause a denial of service (system panic) via crafted values in the TCP timestamp option, which causes invalid arguments to be used when calculating the retransmit timeout. | 5.0 |
2004-12-31 | CVE-2004-2230 | Buffer Overflow Local Denial Of Service vulnerability in Openbsd 3.4/3.5/3.6 Heap-based buffer overflow in isakmpd on OpenBSD 3.4 through 3.6 allows local users to cause a denial of service (panic) and corrupt memory via IPSEC credentials on a socket. | 2.1 |