Vulnerabilities > Openbsd
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-1915 | Improper Locking vulnerability in multiple products tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file. | 5.5 |
| 2002-12-23 | CVE-2002-1345 | Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. | 5.0 |
| 2002-11-29 | CVE-2002-1221 | Denial Of Service vulnerability in ISC BIND 8 Invalid Expiry Time BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference. | 5.0 |
| 2002-11-29 | CVE-2002-1220 | Denial of Service vulnerability in ISC BIND OPT Record Large UDP BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size. | 5.0 |
| 2002-11-29 | CVE-2002-1219 | Buffer Overflow vulnerability in ISC BIND SIG Cached Resource Record Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR). | 7.5 |
| 2002-08-12 | CVE-2002-0766 | Unspecified vulnerability in Openbsd 2.9/3.0/3.1 OpenBSD 2.9 through 3.1 allows local users to cause a denial of service (resource exhaustion) and gain root privileges by filling the kernel's file descriptor table and closing file descriptors 0, 1, or 2 before executing a privileged process, which is not properly handled when OpenBSD fails to open an alternate descriptor. | 7.2 |
| 2002-08-12 | CVE-2002-0765 | Authentication Implementation Error vulnerability in Openbsd and Openssh sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password. | 7.5 |
| 2002-08-12 | CVE-2002-0414 | KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets. | 7.5 |
| 2002-08-12 | CVE-2002-0391 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. | 9.8 |
| 2002-08-12 | CVE-2000-1208 | Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call. | 7.2 |