Vulnerabilities
Vulnerable Software
Openbsd:  >> Openbsd  >> 2.7  Security Vulnerabilities
Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor in one process, then setting the descriptor to NULL via a close in another process that is created via rfork.
CVSS Score
1.2
EPSS Score
0.003
Published
2001-06-02
The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address.
CVSS Score
7.2
EPSS Score
0.006
Published
2001-05-03
Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option.
CVSS Score
10.0
EPSS Score
0.031
Published
2001-05-03
One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges.
CVSS Score
10.0
EPSS Score
0.179
Published
2001-02-12
The IPSEC implementation in OpenBSD 2.7 does not properly handle empty AH/ESP packets, which allows remote attackers to cause a denial of service.
CVSS Score
5.0
EPSS Score
0.016
Published
2000-12-19
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd.
CVSS Score
7.2
EPSS Score
0.017
Published
2000-12-19
Format string vulnerability in OpenBSD fstat program (and possibly other BSD-based operating systems) allows local users to gain root privileges via the PWD environmental variable.
CVSS Score
7.2
EPSS Score
0.014
Published
2000-12-19
Format string vulnerability in OpenBSD yp_passwd program (and possibly other BSD-based operating systems) allows attackers to gain root privileges a malformed name.
CVSS Score
7.2
EPSS Score
0.006
Published
2000-12-19
Format string vulnerability in OpenBSD su program (and possibly other BSD-based operating systems) allows local attackers to gain root privileges via a malformed shell.
CVSS Score
7.2
EPSS Score
0.005
Published
2000-12-19
Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges.
CVSS Score
7.2
EPSS Score
0.005
Published
2000-12-19


Contact Us

Shodan ® - All rights reserved