Openbsd

openbsd

Vendor: Openbsd • 198 CVEs

CVEs (198)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2008-2476 6Force10 FreebsdJuniper+3 more 6Freebsd FtosJnos+3 more Apr 23, 2026 Oct 3, 2008 N/A· v4 N/A· v3 9.3 HIGH· v2 The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6...Show more The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).Show less
CVE-2008-4247 3Freebsd NetbsdOpenbsd 3Freebsd NetbsdOpenbsd Apr 23, 2026 Sep 25, 2008 N/A· v4 N/A· v3 7.5 HIGH· v2 ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly other operating systems interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request fo...Show more ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly other operating systems interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser.Show less
CVE-2008-1215 3Freebsd NetbsdOpenbsd 3Freebsd NetbsdOpenbsd Apr 23, 2026 Mar 9, 2008 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local us...Show more Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing "~" characters.Show less
CVE-2008-1058 1Openbsd 1Openbsd Apr 23, 2026 Feb 28, 2008 N/A· v4 N/A· v3 7.8 HIGH· v2 The tcp_respond function in netinet/tcp_subr.c in OpenBSD 4.1 and 4.2 allows attackers to cause a denial of service (panic) via crafted TCP packets. NOTE: some of these details are obtained from third party information.
CVE-2008-1057 1Openbsd 1Openbsd Apr 23, 2026 Feb 28, 2008 N/A· v4 N/A· v3 7.8 HIGH· v2 The ip6_check_rh0hdr function in netinet6/ip6_input.c in OpenBSD 4.2 allows attackers to cause a denial of service (panic) via malformed IPv6 routing headers.
CVE-2007-6700 1Openbsd 1Openbsd Apr 23, 2026 Feb 5, 2008 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in cgi-bin/bgplg in the web interface for the BGPD daemon in OpenBSD 4.1 allows remote attackers to inject arbitrary web script or HTML via the cmd parameter.
CVE-2008-0384 1Openbsd 1Openbsd Apr 23, 2026 Jan 22, 2008 N/A· v4 N/A· v3 4.9 MEDIUM· v2 OpenBSD 4.2 allows local users to cause a denial of service (kernel panic) by calling the SIOCGIFRTLABEL IOCTL on an interface that does not have a route label, which triggers a NULL pointer dereference when the return v...Show more OpenBSD 4.2 allows local users to cause a denial of service (kernel panic) by calling the SIOCGIFRTLABEL IOCTL on an interface that does not have a route label, which triggers a NULL pointer dereference when the return value from the rtlabel_id2name function is not checked.Show less
CVE-2007-5365 5Debian OpenbsdRedhat+2 more 7Debian Linux Enterprise LinuxLinux Advanced Workstation+4 more Apr 23, 2026 Oct 11, 2007 N/A· v4 N/A· v3 7.2 HIGH· v2 Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or ca...Show more Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.Show less
CVE-2007-1352 8Mandrakesoft OpenbsdRedhat+5 more 12Enterprise Linux Enterprise Linux DesktopFedora Core+9 more Apr 23, 2026 Apr 6, 2007 N/A· v4 N/A· v3 3.8 LOW· v2 Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overfl...Show more Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.Show less
CVE-2007-1351 7Mandrakesoft OpenbsdRedhat+4 more 9Enterprise Linux Enterprise Linux DesktopLibxfont+6 more Apr 23, 2026 Apr 6, 2007 N/A· v4 N/A· v3 8.5 HIGH· v2 Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts,...Show more Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.Show less
CVE-2007-1365 1Openbsd 1Openbsd Apr 23, 2026 Mar 10, 2007 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbitrary code via fragmented IPv6 packets due to "incorrect mbuf handling for ICMP6 packets." NOTE: this was originally rep...Show more Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbitrary code via fragmented IPv6 packets due to "incorrect mbuf handling for ICMP6 packets." NOTE: this was originally reported as a denial of service.Show less
CVE-2007-0343 1Openbsd 1Openbsd Apr 23, 2026 Jan 18, 2007 N/A· v4 N/A· v3 5.0 MEDIUM· v2 OpenBSD before 20070116 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via certain IPv6 ICMP (aka ICMP6) echo request packets.
CVE-2007-0085 1Openbsd 1Openbsd Apr 23, 2026 Jan 5, 2007 N/A· v4 N/A· v3 6.0 MEDIUM· v2 Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics driver for wscons in OpenBSD 3.9 and 4.0, when the kernel is compiled with the PCIAGP option and a non-AGP device is being used, allows local users t...Show more Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics driver for wscons in OpenBSD 3.9 and 4.0, when the kernel is compiled with the PCIAGP option and a non-AGP device is being used, allows local users to gain privileges via unspecified vectors, possibly related to agp_ioctl NULL pointer reference.Show less
CVE-2006-6730 2Netbsd Openbsd 2Netbsd Openbsd Apr 23, 2026 Dec 26, 2006 N/A· v4 N/A· v3 6.6 MEDIUM· v2 OpenBSD and NetBSD permit usermode code to kill the display server and write to the X.Org /dev/xf86 device, which allows local users with root privileges to reduce securelevel by replacing the System Management Mode (SMM...Show more OpenBSD and NetBSD permit usermode code to kill the display server and write to the X.Org /dev/xf86 device, which allows local users with root privileges to reduce securelevel by replacing the System Management Mode (SMM) handler via a write to an SMRAM address within /dev/xf86 (aka the video card memory-mapped I/O range), and then launching the new handler via a System Management Interrupt (SMI), as demonstrated by a write to Programmed I/O port 0xB2.Show less
CVE-2006-6397 3Freebsd NetbsdOpenbsd 3Freebsd NetbsdOpenbsd Apr 23, 2026 Dec 8, 2006 N/A· v4 N/A· v3 4.4 MEDIUM· v2 Integer overflow in banner/banner.c in FreeBSD, NetBSD, and OpenBSD might allow local users to modify memory via a long banner. NOTE: CVE and multiple third parties dispute this issue. Since banner is not setuid, an exp...Show more Integer overflow in banner/banner.c in FreeBSD, NetBSD, and OpenBSD might allow local users to modify memory via a long banner. NOTE: CVE and multiple third parties dispute this issue. Since banner is not setuid, an exploit would not cross privilege boundaries in normal operations. This issue is not a vulnerabilityShow less
CVE-2006-6164 1Openbsd 1Openbsd Apr 23, 2026 Nov 29, 2006 N/A· v4 N/A· v3 7.2 HIGH· v2 The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 and 4.0 does not properly remove duplicate environment variables, which allows local users to pass dangerous variables such as LD_PRELOAD to loading p...Show more The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 and 4.0 does not properly remove duplicate environment variables, which allows local users to pass dangerous variables such as LD_PRELOAD to loading processes, which might be leveraged to gain privileges.Show less
CVE-2006-5550 2Freebsd Openbsd 2Freebsd Openbsd Apr 23, 2026 Oct 26, 2006 N/A· v4 N/A· v3 4.9 MEDIUM· v2 The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause a denial of service via unspecified vectors involving certain ioctl requests to /dev/crypto.
CVE-2006-5218 2Netbsd Openbsd 2Netbsd Openbsd Apr 23, 2026 Oct 10, 2006 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via lar...Show more Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl.Show less
CVE-2006-4436 1Openbsd 1Openbsd Apr 16, 2026 Aug 29, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations (SA) with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote attackers to repla...Show more isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations (SA) with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote attackers to replay IPSec packets and bypass the replay protection.Show less
CVE-2006-4435 1Openbsd 1Openbsd Apr 16, 2026 Aug 29, 2006 N/A· v4 N/A· v3 4.9 MEDIUM· v2 OpenBSD 3.8, 3.9, and possibly earlier versions allows context-dependent attackers to cause a denial of service (kernel panic) by allocating more semaphores than the default.

Previous 1 2 345...10 Next