Openbsd

openbsd

Vendor: Openbsd • 198 CVEs

CVEs (198)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2002-0391 4Freebsd MicrosoftOpenbsd+1 more 7Freebsd OpenbsdSolaris+4 more Apr 16, 2026 Aug 12, 2002 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large num...Show more Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.Show less
CVE-2000-1208 4Immunix NetbsdOpenbsd+1 more 4Immunix LinuxNetbsd+1 more Apr 16, 2026 Aug 12, 2002 N/A· v4 N/A· v3 7.2 HIGH· v2 Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call...Show more Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.Show less
CVE-2002-0701 2Freebsd Openbsd 2Freebsd Openbsd Apr 16, 2026 Jul 23, 2002 N/A· v4 N/A· v3 2.1 LOW· v2 ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace the process after its privileges have been lowered, which may allow the owner to obtain sensitive information that the...Show more ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace the process after its privileges have been lowered, which may allow the owner to obtain sensitive information that the process obtained while it was running with the extra privileges.Show less
CVE-2002-0572 3Freebsd OpenbsdSun 4Freebsd OpenbsdSolaris+1 more Apr 16, 2026 Jul 3, 2002 N/A· v4 N/A· v3 7.2 HIGH· v2 FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standar...Show more FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files.Show less
CVE-2002-0557 1Openbsd 1Openbsd Apr 16, 2026 Jul 3, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Vulnerability in OpenBSD 3.0, when using YP with netgroups in the password database, causes (1) rexec or (2) rsh to run another user's shell, or (3) atrun to change to a different user's directory, possibly due to memory...Show more Vulnerability in OpenBSD 3.0, when using YP with netgroups in the password database, causes (1) rexec or (2) rsh to run another user's shell, or (3) atrun to change to a different user's directory, possibly due to memory allocation failures or an incorrect call to auth_approval().Show less
CVE-2002-0542 1Openbsd 1Openbsd Apr 16, 2026 Jul 3, 2002 N/A· v4 N/A· v3 7.2 HIGH· v2 mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.
CVE-2002-0381 3Freebsd NetbsdOpenbsd 3Freebsd NetbsdOpenbsd Apr 16, 2026 Jun 25, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast l...Show more The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address.Show less
CVE-2001-1559 1Openbsd 1Openbsd Apr 16, 2026 Dec 31, 2001 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigg...Show more The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference.Show less
CVE-2001-1415 1Openbsd 1Openbsd Apr 16, 2026 Nov 13, 2001 N/A· v4 N/A· v3 4.6 MEDIUM· v2 vi.recover in OpenBSD before 3.1 allows local users to remove arbitrary zero-byte files such as device nodes.
CVE-2001-0670 4Bsd FreebsdNetbsd+1 more 4Bsd FreebsdNetbsd+1 more Apr 16, 2026 Oct 3, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer...Show more Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue.Show less
CVE-2001-1145 3Freebsd NetbsdOpenbsd 3Freebsd NetbsdOpenbsd Apr 16, 2026 Aug 17, 2001 N/A· v4 N/A· v3 6.2 MEDIUM· v2 fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved,...Show more fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories.Show less
CVE-2001-0554 9Debian FreebsdIbm+6 more 11Aix Debian LinuxFreebsd+8 more Apr 16, 2026 Aug 14, 2001 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by t...Show more Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.Show less
CVE-2001-1244 7Freebsd HpLinux+4 more 9Freebsd Hp UxLinux Kernel+6 more Apr 16, 2026 Jul 7, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data,...Show more Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.Show less
CVE-2001-0378 1Openbsd 1Openbsd Apr 16, 2026 Jun 27, 2001 N/A· v4 N/A· v3 2.1 LOW· v2 readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history files with insecure permissions, which allows a local attacker to recover potentially sensitive information via readline history files.
CVE-2001-0402 3Darren Reed FreebsdOpenbsd 3Freebsd IpfilterOpenbsd Apr 16, 2026 Jun 18, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfra...Show more IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.Show less
CVE-2001-0247 5Freebsd MitNetbsd+2 more 5Freebsd IrixKerberos 5+2 more Apr 16, 2026 Jun 18, 2001 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buf...Show more Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.Show less
CVE-2001-1047 1Openbsd 1Openbsd Apr 16, 2026 Jun 2, 2001 N/A· v4 N/A· v3 1.2 LOW· v2 Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2)...Show more Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor in one process, then setting the descriptor to NULL via a close in another process that is created via rfork.Show less
CVE-2001-0284 1Openbsd 1Openbsd Apr 16, 2026 May 3, 2001 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 o...Show more Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option.Show less
CVE-2001-0268 2Netbsd Openbsd 2Netbsd Openbsd Apr 16, 2026 May 3, 2001 N/A· v4 N/A· v3 7.2 HIGH· v2 The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by c...Show more The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address.Show less
CVE-2000-0313 1Openbsd 1Openbsd Apr 16, 2026 Mar 12, 2001 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Vulnerability in OpenBSD 2.6 allows a local user to change interface media configurations.

Previous 1...6 789 10 Next