Vulnerabilities > Openbsd
|2017-10-26||CVE-2017-15906|| Incorrect Permission Assignment for Critical Resource vulnerability in multiple products |
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
| 5.3 |
|2017-10-16||CVE-2015-7687|| Use After Free vulnerability in multiple products |
Use-after-free vulnerability in OpenSMTPD before 5.7.2 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving req_ca_vrfy_smtp and req_ca_vrfy_mta.
| 7.5 |
|2017-06-19||CVE-2017-1000373|| Resource Exhaustion vulnerability in Openbsd |
The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times.
| 6.4 |
|2017-06-19||CVE-2017-1000372|| Security Bypass vulnerability in OpenBSD |
A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at.
| 7.5 |
|2017-04-27||CVE-2017-8301|| Improper Certificate Validation vulnerability in Openbsd Libressl 2.5.1/2.5.2/2.5.3 |
LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if SSL_get_verify_result is relied upon for a later check of a verification result, in a use case where a user-provided verification callback returns 1, as demonstrated by acceptance of invalid certificates by nginx.
| 2.6 |
|2017-04-11||CVE-2016-1908|| Improper Authentication vulnerability in multiple products |
The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.
| 9.8 |
|2017-03-27||CVE-2017-5850|| Allocation of Resources Without Limits or Throttling vulnerability in Openbsd 6.0 |
httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header.
| 7.8 |
|2017-03-07||CVE-2016-6522|| Integer Overflow or Wraparound vulnerability in Openbsd 5.9 |
Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping to overlap with an existing mapping.
| 4.9 |
|2017-03-07||CVE-2016-6350|| NULL Pointer Dereference vulnerability in Openbsd 5.8/5.9 |
OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (NULL pointer dereference and panic) via a sysctl call with a path starting with 10,9.
| 4.9 |
|2017-03-07||CVE-2016-6247|| Improper Input Validation vulnerability in Openbsd 5.8/5.9 |
OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist.
| 4.9 |