Vulnerabilities > Openbsd
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-08-29 | CVE-2006-4436 | Unspecified vulnerability in Openbsd 3.8/3.9 isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations (SA) with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote attackers to replay IPSec packets and bypass the replay protection. | 5.0 |
2006-08-29 | CVE-2006-4435 | Denial Of Service vulnerability in Openbsd 3.8/3.9 OpenBSD 3.8, 3.9, and possibly earlier versions allows context-dependent attackers to cause a denial of service (kernel panic) by allocating more semaphores than the default. | 4.9 |
2006-08-24 | CVE-2006-4304 | Buffer Overflow vulnerability in NetBSD In-Kernel PPP Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. | 10.0 |
2006-03-07 | CVE-2006-0883 | Resource Management Errors vulnerability in multiple products OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting. | 5.0 |
2006-01-25 | CVE-2006-0225 | Unspecified vulnerability in Openbsd Openssh scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice. | 4.6 |
2006-01-06 | CVE-2006-0098 | Unspecified vulnerability in Openbsd 3.7/3.8 The dupfdopen function in sys/kern/kern_descrip.c in OpenBSD 3.7 and 3.8 allows local users to re-open arbitrary files by using setuid programs to access file descriptors using /dev/fd/. | 4.6 |
2005-12-31 | CVE-2005-4351 | Local Security vulnerability in kernel The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running. | 4.3 |
2005-09-06 | CVE-2005-2798 | Unspecified vulnerability in Openbsd Openssh sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts. | 5.0 |
2005-09-06 | CVE-2005-2797 | Unspecified vulnerability in Openbsd Openssh 4.0 OpenSSH 4.0, and other versions before 4.2, does not properly handle dynamic port forwarding ("-D" option) when a listen address is not provided, which may cause OpenSSH to enable the GatewayPorts functionality. | 5.0 |
2005-05-31 | CVE-2005-0356 | Remote Denial Of Service vulnerability in Multiple Vendor TCP Timestamp PAWS Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. | 5.0 |