Openbsd CVE - CVE Search - CVE Details

Filtered by vendor Openbsd Subscribe

Total 306 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2001-1559	1 Openbsd	1 Openbsd	2008-09-05	2.1 LOW	N/A
The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference.
CVE-2001-1382	1 Openbsd	1 Openssh	2008-09-05	5.0 MEDIUM	N/A
The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to determine that the countermeasure is being used.
CVE-2001-0572	2 Openbsd, Ssh	2 Openssh, Ssh	2008-09-05	7.5 HIGH	N/A
The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: (1) password lengths or ranges of lengths, which simplifies brute force password guessing, (2) whether RSA or DSA authentication is being used, (3) the number of authorized_keys in RSA authentication, or (4) the lengths of shell commands.
CVE-2000-0999	1 Openbsd	1 Openssh	2008-09-05	10.0 HIGH	N/A
Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges.
CVE-2000-0751	3 Netbsd, Openbsd, Redhat	3 Netbsd, Openbsd, Linux	2008-09-05	7.5 HIGH	N/A
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.
CVE-2000-0312	1 Openbsd	1 Openbsd	2008-09-05	7.2 HIGH	N/A
cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function.

Vulnerabilities (CVE)