CVE-2023-38283
https://notcve.org/view.php?id=CVE-2023-38283
In OpenBGPD before 8.1, incorrect handling of BGP update data (length of path attributes) set by a potentially distant remote actor may cause the system to incorrectly reset a session. This is fixed in OpenBSD 7.3 errata 006. • https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/006_bgpd.patch.sig https://github.com/openbgpd-portable/openbgpd-portable/releases/tag/8.1 https://news.ycombinator.com/item?id=37305800 https://www.openbsd.org/errata73.html • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVE-2022-48437
https://notcve.org/view.php?id=CVE-2022-48437
An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509_verify_ctx_add_chain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there is an installed verification callback that instructs the verifier to continue upon detecting an invalid certificate. • https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.1-relnotes.txt https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/001_x509.patch.sig https://github.com/openbsd/src/commit/4f94258c65a918ee3d8670e93916d15bf879e6ec • CWE-295: Improper Certificate Validation •
CVE-2022-27882
https://notcve.org/view.php?id=CVE-2022-27882
slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation. slaacd en OpenBSD versiones 6.9 y 7.0 anteriores a 22-03-2022, presenta un error de firma de enteros y un desbordamiento de búfer resultante en la región heap de la memoria que puede ser desencadenado por un anuncio de enrutador IPv6 diseñado. NOTA: la separación de privilegios y la cobertura pueden prevenir la explotación • https://blog.quarkslab.com/heap-overflow-in-openbsds-slaacd-via-router-advertisement.html https://ftp.openbsd.org/pub/OpenBSD/patches/6.9/common/033_slaacd.patch.sig https://ftp.openbsd.org/pub/OpenBSD/patches/7.0/common/017_slaacd.patch.sig https://security.netapp.com/advisory/ntap-20220506-0005 • CWE-681: Incorrect Conversion between Numeric Types •
CVE-2022-27881
https://notcve.org/view.php?id=CVE-2022-27881
engine.c in slaacd in OpenBSD 6.9 and 7.0 before 2022-02-21 has a buffer overflow triggerable by an IPv6 router advertisement with more than seven nameservers. NOTE: privilege separation and pledge can prevent exploitation. El archivo engine.c en slaacd en OpenBSD versiones 6.9 y 7.0 anteriores a 21-02-2022, presenta un desbordamiento de búfer desencadenable por un anuncio de enrutador IPv6 con más de siete servidores de nombre. NOTA: la separación de privilegios y la protección pueden prevenir la explotación • https://blog.quarkslab.com/heap-overflow-in-openbsds-slaacd-via-router-advertisement.html https://ftp.openbsd.org/pub/OpenBSD/patches/6.9/common/030_slaacd.patch.sig https://ftp.openbsd.org/pub/OpenBSD/patches/7.0/common/014_slaacd.patch.sig https://security.netapp.com/advisory/ntap-20220506-0005 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2010-4816
https://notcve.org/view.php?id=CVE-2010-4816
It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/popen.c may lead to remote denial of service of the ftpd service. Se encontró en FreeBSD versiones 8.0, 6.3 y 4.9, y en OpenBSD versiones 4.6 que una desreferencia de puntero null en el archivo ftpd/popen.c puede conllevar a una denegación de servicio remota del servicio ftpd • https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=144761 https://seclists.org/fulldisclosure/2010/Mar/117 https://seclists.org/oss-sec/2011/q3/284 • CWE-476: NULL Pointer Dereference •