Vulnerabilities > Openbsd
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-15 | CVE-2018-12434 | Information Exposure vulnerability in Openbsd Libressl LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. | 4.7 |
| 2018-03-24 | CVE-2018-8970 | Improper Certificate Validation vulnerability in Openbsd Libressl 2.7.0 The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 before 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 7.4 |
| 2018-01-21 | CVE-2016-10708 | NULL Pointer Dereference vulnerability in multiple products sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c. | 7.5 |
| 2017-10-26 | CVE-2017-15906 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files. | 5.3 |
| 2017-10-16 | CVE-2015-7687 | Use After Free vulnerability in multiple products Use-after-free vulnerability in OpenSMTPD before 5.7.2 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving req_ca_vrfy_smtp and req_ca_vrfy_mta. | 9.8 |
| 2017-06-19 | CVE-2017-1000373 | Resource Exhaustion vulnerability in Openbsd The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. | 6.5 |
| 2017-06-19 | CVE-2017-1000372 | Unspecified vulnerability in Openbsd A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. | 9.8 |
| 2017-04-27 | CVE-2017-8301 | Improper Certificate Validation vulnerability in Openbsd Libressl 2.5.1/2.5.2/2.5.3 LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if SSL_get_verify_result is relied upon for a later check of a verification result, in a use case where a user-provided verification callback returns 1, as demonstrated by acceptance of invalid certificates by nginx. | 5.3 |
| 2017-04-11 | CVE-2016-1908 | Improper Authentication vulnerability in multiple products The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server. | 9.8 |
| 2017-03-27 | CVE-2017-5850 | Allocation of Resources Without Limits or Throttling vulnerability in Openbsd 6.0 httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header. | 7.5 |