Vulnerabilities > Openbsd > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-11-29 | CVE-2002-1219 | Buffer Overflow vulnerability in ISC BIND SIG Cached Resource Record Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR). | 7.5 |
2002-08-12 | CVE-2002-0766 | Unspecified vulnerability in Openbsd 2.9/3.0/3.1 OpenBSD 2.9 through 3.1 allows local users to cause a denial of service (resource exhaustion) and gain root privileges by filling the kernel's file descriptor table and closing file descriptors 0, 1, or 2 before executing a privileged process, which is not properly handled when OpenBSD fails to open an alternate descriptor. | 7.2 |
2002-08-12 | CVE-2002-0765 | Authentication Implementation Error vulnerability in Openbsd and Openssh sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password. | 7.5 |
2002-08-12 | CVE-2002-0414 | KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets. | 7.5 |
2002-08-12 | CVE-2000-1208 | Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call. | 7.2 |
2002-07-03 | CVE-2002-0572 | FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files. | 7.2 |
2002-07-03 | CVE-2002-0557 | Unspecified vulnerability in Openbsd 3.0 Vulnerability in OpenBSD 3.0, when using YP with netgroups in the password database, causes (1) rexec or (2) rsh to run another user's shell, or (3) atrun to change to a different user's directory, possibly due to memory allocation failures or an incorrect call to auth_approval(). | 7.5 |
2002-07-03 | CVE-2002-0542 | Unspecified vulnerability in Openbsd 2.9/3.0 mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron. | 7.2 |
2002-06-18 | CVE-2002-0575 | Buffer Overflow vulnerability in OpenSSH Kerberos 4 TGT/AFS Token Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1, with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing enabled, allows remote and local authenticated users to gain privileges. | 7.5 |
2001-12-31 | CVE-2001-1507 | Unspecified vulnerability in Openbsd Openssh 3.0/3.0P1 OpenSSH before 3.0.1 with Kerberos V enabled does not properly authenticate users, which could allow remote attackers to login unchallenged. | 7.5 |