Openbsd: >> Openbsd >> 2.2 Security Vulnerabilities
Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue.
CVSS Score
7.5
EPSS Score
0.162
Published
2001-10-03
fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories.
CVSS Score
6.2
EPSS Score
0.001
Published
2001-08-17
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
CVSS Score
10.0
EPSS Score
0.274
Published
2001-08-14
readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history files with insecure permissions, which allows a local attacker to recover potentially sensitive information via readline history files.
CVSS Score
2.1
EPSS Score
0.001
Published
2001-06-27
The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address.
CVSS Score
7.2
EPSS Score
0.001
Published
2001-05-03
Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option.
CVSS Score
10.0
EPSS Score
0.014
Published
2001-05-03
OpenBSD 2.6 and earlier allows remote attackers to cause a denial of service by flooding the server with ARP requests.
CVSS Score
5.0
EPSS Score
0.067
Published
2000-12-19
Format string vulnerability in OpenBSD yp_passwd program (and possibly other BSD-based operating systems) allows attackers to gain root privileges a malformed name.
CVSS Score
7.2
EPSS Score
0.001
Published
2000-12-19
Format string vulnerability in OpenBSD su program (and possibly other BSD-based operating systems) allows local attackers to gain root privileges via a malformed shell.
CVSS Score
7.2
EPSS Score
0.001
Published
2000-12-19
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.
CVSS Score
7.2
EPSS Score
0.001
Published
1999-08-09