Vulnerabilities > Openbsd > Openbsd > 4.3

DATE CVE VULNERABILITY TITLE RISK
2023-04-15 CVE-2021-46880 Improper Certificate Validation vulnerability in Openbsd
x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded.
network
low complexity
openbsd CWE-295
critical
9.8
2023-04-12 CVE-2022-48437 Improper Certificate Validation vulnerability in Openbsd
An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001.
network
low complexity
openbsd CWE-295
5.3
2020-07-28 CVE-2020-16088 Improper Authentication vulnerability in Openbsd
iked in OpenIKED, as used in OpenBSD through 6.7, allows authentication bypass because ca.c has the wrong logic for checking whether a public key matches.
network
low complexity
openbsd CWE-287
7.5
2019-12-12 CVE-2019-19726 Improper Privilege Management vulnerability in Openbsd
OpenBSD through 6.6 allows local users to escalate to root because a check for LD_LIBRARY_PATH in setuid programs can be defeated by setting a very small RLIMIT_DATA resource limit.
local
low complexity
openbsd CWE-269
7.8
2019-08-26 CVE-2019-8460 Unspecified vulnerability in Openbsd
OpenBSD kernel version <= 6.5 can be forced to create long chains of TCP SACK holes that causes very expensive calls to tcp_sack_option() for every incoming SACK packet which can lead to a denial of service.
network
low complexity
openbsd
5.0
2017-06-19 CVE-2017-1000373 Resource Exhaustion vulnerability in Openbsd
The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times.
network
low complexity
openbsd CWE-400
6.4
2017-06-19 CVE-2017-1000372 Security Bypass vulnerability in OpenBSD
A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at.
network
low complexity
openbsd
7.5
2009-08-11 CVE-2009-0687 Resource Management Errors vulnerability in multiple products
The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD 5.0 before RC3, MirOS 10 and earlier, and MidnightBSD 0.3-current allows remote attackers to cause a denial of service (panic) via crafted IP packets that trigger a NULL pointer dereference during translation, related to an IPv4 packet with an ICMPv6 payload.
network
low complexity
midnightbsd mirbsd netbsd openbsd CWE-399
7.8
2009-03-04 CVE-2009-0780 Remote Denial of Service vulnerability in OpenBSD bgpd
The aspath_prepend function in rde_attr.c in bgpd in OpenBSD 4.3 and 4.4 allows remote attackers to cause a denial of service (application crash) via an Autonomous System (AS) advertisement containing a long AS path.
network
low complexity
openbsd
5.0
2008-10-03 CVE-2008-2476 Improper Input Validation vulnerability in multiple products
The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).
9.3