Openbsd@4.2 Security Vulnerabilities and Issues — Openbsd@4.2 CVE List

Lucene search

OpenbsdOpenbsd4.2

10 matches found

CVE•added 2008/10/20 5:59 p.m.•481 views

CVE-2008-4609

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state ...

7.1CVSS8.8AI score0.00461EPSS

CVE•added 2009/03/09 9:30 p.m.•133 views

CVE-2009-0537

Integer overflow in the fts_build function in fts.c in libc in (1) OpenBSD 4.4 and earlier and (2) Microsoft Interix 6.0 build 10.0.6030.0 allows context-dependent attackers to cause a denial of service (application crash) via a deep directory tree, related to the fts_level structure member, as dem...

4.9CVSS6.4AI score0.04498EPSS

CVE•added 2008/10/03 3:7 p.m.•115 views

CVE-2008-2476

The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows re...

9.3CVSS6.2AI score0.14849EPSS

CVE•added 2007/10/11 10:17 a.m.•63 views

CVE-2007-5365

Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum ...

7.2CVSS7.8AI score0.41631EPSS

CVE•added 2011/05/24 11:55 p.m.•62 views

CVE-2011-2168

Multiple integer overflows in the glob implementation in libc in OpenBSD before 4.9 might allow context-dependent attackers to have an unspecified impact via a crafted string, related to the GLOB_APPEND and GLOB_DOOFFS flags, a different issue than CVE-2011-0418.

5CVSS6.4AI score0.14231EPSS

CVE•added 2009/08/11 10:30 a.m.•56 views

CVE-2009-0687

The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD 5.0 before RC3, MirOS 10 and earlier, and MidnightBSD 0.3-current allows remote attackers to cause a denial of service (panic) via crafted IP packets that trigger a NULL pointer dereference during tr...

7.8CVSS6.8AI score0.12333EPSS

CVE•added 2008/01/22 8:0 p.m.•39 views

CVE-2008-0384

OpenBSD 4.2 allows local users to cause a denial of service (kernel panic) by calling the SIOCGIFRTLABEL IOCTL on an interface that does not have a route label, which triggers a NULL pointer dereference when the return value from the rtlabel_id2name function is not checked.

4.9CVSS6.2AI score0.00175EPSS

CVE•added 2008/02/28 7:44 p.m.•39 views

CVE-2008-1057

The ip6_check_rh0hdr function in netinet6/ip6_input.c in OpenBSD 4.2 allows attackers to cause a denial of service (panic) via malformed IPv6 routing headers.

7.8CVSS6.5AI score0.00393EPSS

CVE•added 2008/02/28 7:44 p.m.•36 views

CVE-2008-1058

The tcp_respond function in netinet/tcp_subr.c in OpenBSD 4.1 and 4.2 allows attackers to cause a denial of service (panic) via crafted TCP packets. NOTE: some of these details are obtained from third party information.

7.8CVSS6.5AI score0.0032EPSS

CVE•added 2008/03/09 2:44 a.m.•33 views

CVE-2008-1215

Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing "~" characters.

4.6CVSS7.2AI score0.00402EPSS