Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Openbsd
(Openbsd)| Repositories | https://github.com/openbsd/src |
| #Vulnerabilities | 186 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2008-10-20 | CVE-2008-4609 | The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. | Bsd, Bsd_os, Catalyst_blade_switch_3020_firmware, Catalyst_blade_switch_3120_firmware, Catalyst_blade_switch_3120x_firmware, Ios, Dragonflybsd, Freebsd, Linux_kernel, Windows_2000, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp, Midnightbsd, Netbsd, Openbsd, Solaris, Trustedbsd | N/A | ||
| 1997-10-02 | CVE-1999-0061 | File creation and deletion, and remote execution, in the BSD line printer daemon (lpd). | Bsd_os, Freebsd, Linux_kernel, Openbsd | N/A | ||
| 1998-02-01 | CVE-1999-0304 | mmap function in BSD allows local attackers in the kmem group to modify memory through devices. | Bsd_os, Freebsd, Netbsd, Openbsd | N/A | ||
| 1998-05-21 | CVE-1999-0303 | Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. | Osf_1, Netbsd, Openbsd, Solaris, Sunos | N/A | ||
| 1999-02-17 | CVE-1999-0396 | A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service. | Netbsd, Openbsd | N/A | ||
| 2001-08-14 | CVE-2001-0554 | Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. | Debian_linux, Freebsd, Aix, Kerberos, Kerberos_5, Netbsd, Linux_netkit, Openbsd, Irix, Solaris, Sunos | N/A | ||
| 2004-11-23 | CVE-2004-0081 | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | Webstar, Mac_os_x, Mac_os_x_server, Converged_communications_server, Intuity_audix, S8300, S8500, S8700, Sg200, Sg203, Sg208, Sg5, Vsu, Cacheos_ca_sa, Proxysg, Firewall\-1, Provider\-1, Vpn\-1, Access_registrar, Application_and_content_networking_software, Call_manager, Ciscoworks_common_management_foundation, Ciscoworks_common_services, Content_services_switch_11500, Css11000_content_services_switch, Css_secure_content_accelerator, Firewall_services_module, Gss_4480_global_site_selector, Gss_4490_global_site_selector, Ios, Mds_9000, Okena_stormwatch, Pix_firewall, Pix_firewall_software, Secure_content_accelerator, Threat_response, Webns, Bsafe_ssl\-J, Freebsd, Aaa_server, Apache\-Based_web_server, Hp\-Ux, Wbem, Speed_technologies_litespeed_web_server, Instant_virtual_extranet, Edirectory, Imanager, Openbsd, Openssl, Enterprise_linux, Enterprise_linux_desktop, Linux, Openssl, Openserver, Sidewinder, Propack, Servercluster, Stonebeat_fullcluster, Stonebeat_securitycluster, Stonebeat_webcluster, Stonegate, Stonegate_vpn_client, Crypto_accelerator_4000, Clientless_vpn_gateway_4400, Tarantella_enterprise, Gsx_server | N/A | ||
| 2021-06-22 | CVE-2010-4816 | It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/popen.c may lead to remote denial of service of the ftpd service. | Openbsd | 7.5 | ||
| 2019-08-26 | CVE-2019-8460 | OpenBSD kernel version <= 6.5 can be forced to create long chains of TCP SACK holes that causes very expensive calls to tcp_sack_option() for every incoming SACK packet which can lead to a denial of service. | Openbsd | 7.5 | ||
| 2019-12-05 | CVE-2019-19519 | In OpenBSD 6.6, local users can use the su -L option to achieve any login class (often excluding root) because there is a logic error in the main function in su/su.c. | Openbsd | 7.8 |