openbsd software vulnerabilities
vulnerabilities.aspcode.net
Searching openbsd software vulnerabilities
cron in OpenBSD 2.5 allows local users to gain
privileges
|
terminated
|
function
|
OpenBSD
|
argv[]
|
cron's
|
passed
|
allows
|
which
|
users
|
popen
|
local
|
root
|
fake
|
gain
|
NULL
|
cron
|
not
|
via
|
cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function.
Format string vulnerabilities in eeprom program
vulnerabilities
|
privileges
|
operating
|
attackers
|
possibly
|
OpenBSD
|
systems
|
program
|
allows
|
string
|
Format
|
NetBSD
|
eeprom
|
other
|
local
|
root
|
gain
|
Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges.
Format string vulnerabilities in OpenBSD ssh pr
vulnerabilities
|
OpenBSD
|
program
|
string
|
Format
|
ssh
|
Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges.
vi.recover in OpenBSD before 3.1 allows local u
arbitrary
|
zero-byte
|
virecover
|
OpenBSD
|
remove
|
device
|
allows
|
before
|
nodes
|
files
|
users
|
local
|
such
|
vi.recover in OpenBSD before 3.1 allows local users to remove arbitrary zero-byte files such as device nodes.
PF in OpenBSD 3.0 with the return-rst rule sets
return-rst
|
OpenBSD
|
sets
|
rule
|
TTL
|
PF in OpenBSD 3.0 with the return-rst rule sets the TTL to 128 in the RST packet, which allows remote attackers to determine if a port is being filtered because the TTL is different than the default TTL.
Race condition in exec in OpenBSD 4.0 and earli
condition
|
OpenBSD
|
earlier
|
NetBSD
|
Race
|
exec
|
Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid.
OpenBSD before 3.2 allows local users to cause
service
|
OpenBSD
|
denial
|
before
|
allows
|
cause
|
local
|
users
|
OpenBSD before 3.2 allows local users to cause a denial of service (kernel crash) via a call to getrlimit(2) with invalid arguments, possibly due to an integer signedness error.
isakmpd/message.c in isakmpd in FreeBSD before
isakmpd-20020403_1
|
isakmpd/messagec
|
attackers
|
service
|
OpenBSD
|
FreeBSD
|
isakmpd
|
before
|
denial
|
remote
|
allows
|
cause
|
isakmpd/message.c in isakmpd in FreeBSD before isakmpd-Wednesday, April 03, 2002_1, and in OpenBSD 3.1, allows remote attackers to cause a denial of service (crash) by sending Internet Key Exchange (IKE) payloads out of sequence.
isakmpd in OpenBSD 3.4 and earlier allows remot
attackers
|
service
|
earlier
|
isakmpd
|
OpenBSD
|
denial
|
allows
|
remote
|
cause
|
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (infinite loop) via an ISAKMP packet with a zero-length payload, as demonstrated by the Striker ISAKMP Protocol Test Suite.
isakmpd in OpenBSD 3.4 and earlier allows remot
attackers
|
service
|
earlier
|
isakmpd
|
OpenBSD
|
denial
|
allows
|
remote
|
cause
|
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a malformed IPSEC SA payload, as demonstrated by the Striker ISAKMP Protocol Test Suite.
Multiple memory leaks in isakmpd in OpenBSD 3.4
attackers
|
Multiple
|
earlier
|
service
|
OpenBSD
|
isakmpd
|
denial
|
remote
|
memory
|
cause
|
allow
|
leaks
|
Multiple memory leaks in isakmpd in OpenBSD 3.4 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via certain ISAKMP packets, as demonstrated by the Striker ISAKMP Protocol Test Suite.
The bridge functionality in OpenBSD 3.4 and 3.5
functionality
|
configured
|
attackers
|
bridging
|
firewall
|
service
|
enabled
|
OpenBSD
|
gateway
|
running
|
remote
|
bridge
|
allows
|
option
|
denial
|
cause
|
link2
|
IPSec
|
The bridge functionality in OpenBSD 3.4 and 3.5, when running a gateway configured as a bridging firewall with the link2 option for IPSec enabled, allows remote attackers to cause a denial of service (crash) via an ICMP echo (ping) packet.
PF in certain OpenBSD versions, when stateful f
interfaces
|
filtering
|
interface
|
attackers
|
versions
|
original
|
intended
|
stateful
|
session
|
OpenBSD
|
enabled
|
certain
|
spoofed
|
packets
|
filters
|
bypass
|
packet
|
allows
|
remote
|
other
|
limit
|
which
|
does
|
via
|
not
|
PF in certain OpenBSD versions, when stateful filtering is enabled, does not limit packets for a session to the original interface, which allows remote attackers to bypass intended packet filters via spoofed packets to other interfaces.
login_radius on OpenBSD 3.2, 3.5, and possibly
authentication
|
login_radius
|
attackers
|
response
|
spoofing
|
possibly
|
versions
|
replies
|
OpenBSD
|
allows
|
server
|
bypass
|
remote
|
secret
|
shared
|
packet
|
RADIUS
|
verify
|
which
|
other
|
does
|
not
|
login_radius on OpenBSD 3.2, 3.5, and possibly other versions does not verify the shared secret in a response packet from a RADIUS server, which allows remote attackers to bypass authentication by spoofing server replies.
Heap-based buffer overflow in isakmpd on OpenBS
Heap-based
|
overflow
|
through
|
service
|
OpenBSD
|
isakmpd
|
denial
|
buffer
|
allows
|
cause
|
local
|
users
|
Heap-based buffer overflow in isakmpd on OpenBSD 3.4 through 3.6 allows local users to cause a denial of service (panic) and corrupt memory via IPSEC credentials on a socket.
OpenBSD 3.3 and 3.4 does not properly parse Acc
restrictions
|
big-endian
|
attackers
|
platforms
|
netmasks
|
properly
|
without
|
OpenBSD
|
SPARC64
|
bypass
|
access
|
remote
|
Accept
|
64-bit
|
allow
|
parse
|
rules
|
which
|
such
|
does
|
Deny
|
not
|
may
|
OpenBSD 3.3 and 3.4 does not properly parse Accept and Deny rules without netmasks on big-endian 64-bit platforms such as SPARC64, which may allow remote attackers to bypass access restrictions.
The copy functions in locore.s such as copyout
boundaries
|
operating
|
attackers
|
functions
|
possibly
|
systems
|
locores
|
address
|
certain
|
OpenBSD
|
copyout
|
memory
|
exceed
|
modify
|
kernel
|
other
|
based
|
allow
|
copy
|
such
|
BSD
|
may
|
The copy functions in locore.s such as copyout in OpenBSD 3.5 and 3.6, and possibly other BSD based operating systems, may allow attackers to exceed certain address boundaries and modify kernel memory.
Multiple vulnerabilities in the SACK functional
vulnerabilities
|
functionality
|
Multiple
|
SACK
|
Multiple vulnerabilities in the SACK functionality in (1) tcp_input.c and (2) tcp_usrreq.c OpenBSD 3.5 and 3.6 allow remote attackers to cause a denial of service (memory exhaustion or system crash).
OpenBSD 3.8, 3.9, and possibly earlier versions
context-dependent
|
attackers
|
versions
|
possibly
|
OpenBSD
|
earlier
|
service
|
denial
|
allows
|
cause
|
OpenBSD 3.8, 3.9, and possibly earlier versions allows context-dependent attackers to cause a denial of service (kernel panic) by allocating more semaphores than the default.
The kernel in FreeBSD 6.1 and OpenBSD 4.0 allow
unspecified
|
/dev/crypto
|
involving
|
requests
|
service
|
certain
|
vectors
|
FreeBSD
|
OpenBSD
|
denial
|
allows
|
kernel
|
ioctl
|
cause
|
users
|
local
|
via
|
The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause a denial of service via unspecified vectors involving certain ioctl requests to /dev/crypto.
Software vulnerabilities results 1 to 20 of 49
Page:
1
2
3
►