Vulnerabilities > Openbsd
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0960 | Remote Denial Of Service vulnerability in Openbsd 3.5/3.6 Multiple vulnerabilities in the SACK functionality in (1) tcp_input.c and (2) tcp_usrreq.c OpenBSD 3.5 and 3.6 allow remote attackers to cause a denial of service (memory exhaustion or system crash). | 5.0 |
| 2005-05-02 | CVE-2005-0637 | Unspecified vulnerability in Openbsd 3.5/3.6 The copy functions in locore.s such as copyout in OpenBSD 3.5 and 3.6, and possibly other BSD based operating systems, may allow attackers to exceed certain address boundaries and modify kernel memory. | 5.0 |
| 2005-01-13 | CVE-2005-0740 | Remote Denial Of Service vulnerability in OpenBSD TCP Timestamp The TCP stack (tcp_input.c) in OpenBSD 3.5 and 3.6 allows remote attackers to cause a denial of service (system panic) via crafted values in the TCP timestamp option, which causes invalid arguments to be used when calculating the retransmit timeout. | 5.0 |
| 2004-12-31 | CVE-2004-2760 | Configuration vulnerability in Openbsd Openssh 3.5/3.5P1 sshd in OpenSSH 3.5p1, when PermitRootLogin is disabled, immediately closes the TCP connection after a root login attempt with the correct password, but leaves the connection open after an attempt with an incorrect password, which makes it easier for remote attackers to guess the password by observing the connection state, a different vulnerability than CVE-2003-0190. | 6.8 |
| 2004-12-31 | CVE-2004-2338 | Unspecified vulnerability in Openbsd 3.3/3.4 OpenBSD 3.3 and 3.4 does not properly parse Accept and Deny rules without netmasks on big-endian 64-bit platforms such as SPARC64, which may allow remote attackers to bypass access restrictions. | 7.5 |
| 2004-12-31 | CVE-2004-2230 | Buffer Overflow Local Denial Of Service vulnerability in Openbsd 3.4/3.5/3.6 Heap-based buffer overflow in isakmpd on OpenBSD 3.4 through 3.6 allows local users to cause a denial of service (panic) and corrupt memory via IPSEC credentials on a socket. | 2.1 |
| 2004-12-31 | CVE-2004-2163 | Authentication Bypass vulnerability in Openbsd 3.2/3.4/3.5 login_radius on OpenBSD 3.2, 3.5, and possibly other versions does not verify the shared secret in a response packet from a RADIUS server, which allows remote attackers to bypass authentication by spoofing server replies. | 7.5 |
| 2004-12-31 | CVE-2004-2069 | Remote Denial Of Service vulnerability in OpenSSH LoginGraceTime sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to cause a denial of service (connection consumption). | 5.0 |
| 2004-12-31 | CVE-2004-1799 | Unspecified vulnerability in Openbsd PF in certain OpenBSD versions, when stateful filtering is enabled, does not limit packets for a session to the original interface, which allows remote attackers to bypass intended packet filters via spoofed packets to other interfaces. | 7.5 |
| 2004-12-31 | CVE-2004-1471 | Multiple vulnerability in CVS Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line. | 7.1 |