Shodan
Vulnerabilities
Vulnerable Software
Openbsd:  Security Vulnerabilities
CVE-2016-6243
thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a crafted value in the tsp parameter of the __thrsleep system call.
CVSS Score
5.5
EPSS Score
0.0
Published
2017-03-07
CVE-2016-6245
OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a large size in a getdents system call.
CVSS Score
5.5
EPSS Score
0.0
Published
2017-03-07
CVE-2016-6246
OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the root node.
CVSS Score
4.4
EPSS Score
0.0
Published
2017-03-07
CVE-2016-6247
OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist.
CVSS Score
5.5
EPSS Score
0.0
Published
2017-03-07
CVE-2016-6350
OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (NULL pointer dereference and panic) via a sysctl call with a path starting with 10,9.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-03-07
CVE-2016-6522
Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping to overlap with an existing mapping.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-03-07
CVE-2016-6244
The sys_thrsigdivert function in kern/kern_sig.c in the OpenBSD kernel 5.9 allows remote attackers to cause a denial of service (panic) via a negative "ts.tv_sec" value.
CVSS Score
7.5
EPSS Score
0.011
Published
2017-03-07
CVE-2016-6210
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.
CVSS Score
5.9
EPSS Score
0.925
Published
2017-02-13
CVE-2016-10009
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
CVSS Score
7.3
EPSS Score
0.016
Published
2017-01-05
CVE-2016-10010
sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.
CVSS Score
7.0
EPSS Score
0.001
Published
2017-01-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved