Vulnerabilities > Openbsd

DATE CVE VULNERABILITY TITLE RISK
2017-10-26 CVE-2017-15906 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
network
low complexity
openbsd oracle debian netapp redhat CWE-732
5.3
2017-10-16 CVE-2015-7687 Use After Free vulnerability in multiple products
Use-after-free vulnerability in OpenSMTPD before 5.7.2 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving req_ca_vrfy_smtp and req_ca_vrfy_mta.
network
low complexity
openbsd fedoraproject CWE-416
7.5
2017-06-19 CVE-2017-1000373 Resource Exhaustion vulnerability in Openbsd
The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times.
network
low complexity
openbsd CWE-400
6.4
2017-06-19 CVE-2017-1000372 Security Bypass vulnerability in OpenBSD
A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at.
network
low complexity
openbsd
7.5
2017-04-27 CVE-2017-8301 Improper Certificate Validation vulnerability in Openbsd Libressl 2.5.1/2.5.2/2.5.3
LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if SSL_get_verify_result is relied upon for a later check of a verification result, in a use case where a user-provided verification callback returns 1, as demonstrated by acceptance of invalid certificates by nginx.
network
high complexity
openbsd CWE-295
2.6
2017-04-11 CVE-2016-1908 Improper Authentication vulnerability in multiple products
The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.
network
low complexity
openbsd debian oracle redhat CWE-287
critical
9.8
2017-03-27 CVE-2017-5850 Allocation of Resources Without Limits or Throttling vulnerability in Openbsd 6.0
httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header.
network
low complexity
openbsd CWE-770
7.8
2017-03-07 CVE-2016-6522 Integer Overflow or Wraparound vulnerability in Openbsd 5.9
Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping to overlap with an existing mapping.
local
low complexity
openbsd CWE-190
4.9
2017-03-07 CVE-2016-6350 NULL Pointer Dereference vulnerability in Openbsd 5.8/5.9
OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (NULL pointer dereference and panic) via a sysctl call with a path starting with 10,9.
local
low complexity
openbsd CWE-476
4.9
2017-03-07 CVE-2016-6247 Improper Input Validation vulnerability in Openbsd 5.8/5.9
OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist.
local
low complexity
openbsd CWE-20
4.9