| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage. |
| Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. |
| mmap function in BSD allows local attackers in the kmem group to modify memory through devices. |
| FreeBSD mmap function allows users to modify append-only or immutable files. |
| A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service. |
| Denial of service in "poll" in OpenBSD. |
| OpenBSD kernel crash through TSS handling, as caused by the crashme program. |
| OpenBSD crash using nlink value in FFS and EXT2FS filesystems. |
| Buffer overflow in OpenBSD ping. |
| Remote attackers can cause a system crash through ipintr() in ipq in OpenBSD. |
| The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve. |
| OpenBSD, BSDI, and other Unix operating systems allow users to set chflags and fchflags on character and block devices. |
| Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function. |
| A kernel leak in the OpenBSD kernel allows IPsec packets to be sent unencrypted. |
| An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy. |
| The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID. |
| rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not. |
| The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program. |
| The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service. |
| File creation and deletion, and remote execution, in the BSD line printer daemon (lpd). |
