Openbsd@* Security Vulnerabilities and Issues — Openbsd@* CVE List

Lucene search

OpenbsdOpenbsd*

11 matches found

CVE•added 2004/08/06 4:0 a.m.•413 views

CVE-2004-0492

Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.

10CVSS8.1AI score0.19739EPSS

CVE•added 2004/08/06 4:0 a.m.•63 views

CVE-2004-0418

serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.

10CVSS7.3AI score0.14279EPSS

CVE•added 2004/08/06 4:0 a.m.•60 views

CVE-2004-0416

Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.

10CVSS7AI score0.43031EPSS

CVE•added 2004/05/04 4:0 a.m.•58 views

CVE-2004-0220

isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via an ISAKMP packet with a malformed Cert Request payload, which causes an integer underflow that is used in a malloc operation that is not properly handled, as demonstrated by the Striker ISAKMP Protocol Test ...

10CVSS6.5AI score0.02871EPSS

CVE•added 2004/08/06 4:0 a.m.•55 views

CVE-2004-0417

Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.

5CVSS6.5AI score0.04491EPSS

CVE•added 2004/08/06 4:0 a.m.•53 views

CVE-2004-0414

CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.

10CVSS7AI score0.05252EPSS

CVE•added 2004/09/01 4:0 a.m.•51 views

CVE-2004-0114

The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local users to gain read or wr...

4.6CVSS6.2AI score0.0033EPSS

CVE•added 2004/05/04 4:0 a.m.•50 views

CVE-2004-0219

isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a malformed IPSEC SA payload, as demonstrated by the Striker ISAKMP Protocol Test Suite.

5CVSS6.5AI score0.01638EPSS

CVE•added 2004/05/04 4:0 a.m.•47 views

CVE-2004-0221

isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a delete payload containing a large number of SPIs, which triggers an out-of-bounds read error, as demonstrated by the Striker ISAKMP Protocol Test Suite.

5CVSS6.4AI score0.02137EPSS

CVE•added 2004/05/04 4:0 a.m.•41 views

CVE-2004-0222

Multiple memory leaks in isakmpd in OpenBSD 3.4 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via certain ISAKMP packets, as demonstrated by the Striker ISAKMP Protocol Test Suite.

5CVSS6.5AI score0.02231EPSS

CVE•added 2004/05/04 4:0 a.m.•40 views

CVE-2004-0218

isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (infinite loop) via an ISAKMP packet with a zero-length payload, as demonstrated by the Striker ISAKMP Protocol Test Suite.

5CVSS6.4AI score0.02839EPSS