Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Openbsd Subscribe
Filtered by product Openbsd
Total 187 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0514 1 Openbsd 1 Openbsd 2008-09-05 5.0 MEDIUM N/A
PF in OpenBSD 3.0 with the return-rst rule sets the TTL to 128 in the RST packet, which allows remote attackers to determine if a port is being filtered because the TTL is different than the default TTL.
CVE-2002-0557 1 Openbsd 1 Openbsd 2008-09-05 7.5 HIGH N/A
Vulnerability in OpenBSD 3.0, when using YP with netgroups in the password database, causes (1) rexec or (2) rsh to run another user's shell, or (3) atrun to change to a different user's directory, possibly due to memory allocation failures or an incorrect call to auth_approval().
CVE-2002-0381 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2008-09-05 5.0 MEDIUM N/A
The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address.
CVE-2002-0414 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2008-09-05 7.5 HIGH N/A
KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets.
CVE-2001-1559 1 Openbsd 1 Openbsd 2008-09-05 2.1 LOW N/A
The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference.
CVE-2000-0751 3 Netbsd, Openbsd, Redhat 3 Netbsd, Openbsd, Linux 2008-09-05 7.5 HIGH N/A
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.
CVE-2000-0312 1 Openbsd 1 Openbsd 2008-09-05 7.2 HIGH N/A
cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function.