Product:

Openbsd

(Openbsd)
Repositories https://github.com/openbsd/src
#Vulnerabilities 177
Date Id Summary Products Score Patch Annotated
2021-05-11 CVE-2020-26142 An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration. Openbsd 7.5
2004-08-06 CVE-2004-0492 Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied. Http_server, Virtualvault, Vvos, Webproxy, Http_server, Openbsd, Propack N/A
2004-07-07 CVE-2004-0488 Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. Http_server, Linux, Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_multi_network_firewall, Mod_ssl, Openbsd, Propack, Tinysofa_enterprise_server, Secure_linux N/A
2011-05-16 CVE-2011-0419 Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd. Http_server, Portable_runtime, Mac_os_x, Freebsd, Android, Netbsd, Openbsd, Solaris N/A
2019-12-11 CVE-2019-14899 A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. This provides everything that is needed for an attacker to hijack active connections inside the VPN tunnel. Ipad_os, Iphone_os, Mac_os_x, Tvos, Freebsd, Linux_kernel, Openbsd 7.4
2019-08-26 CVE-2019-8460 OpenBSD kernel version <= 6.5 can be forced to create long chains of TCP SACK holes that causes very expensive calls to tcp_sack_option() for every incoming SACK packet which can lead to a denial of service. Openbsd 7.5
2011-05-09 CVE-2011-1013 Integer signedness error in the drm_modeset_ctl function in (1) drivers/gpu/drm/drm_irq.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.38 and (2) sys/dev/pci/drm/drm_irq.c in the kernel in OpenBSD before 4.9 allows local users to trigger out-of-bounds write operations, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via a crafted num_crtcs (aka vb_num) structure member in an ioctl argument. Linux_kernel, Openbsd N/A
2020-07-28 CVE-2020-16088 iked in OpenIKED, as used in OpenBSD through 6.7, allows authentication bypass because ca.c has the wrong logic for checking whether a public key matches. Openbsd N/A
2020-02-12 CVE-2011-3336 regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion. Mac_os_x, Freebsd, Openbsd, Php N/A
2003-03-25 CVE-2003-0028 Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. Unicos, Freebsd, Glibc, Hp\-Ux, Hp\-Ux_series_700, Hp\-Ux_series_800, Aix, Kerberos_5, Openafs, Openbsd, Irix, Solaris, Sunos N/A