CVE-2008-1146
https://notcve.org/view.php?id=CVE-2008-1146
A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka "Algorithm X3"), as used in OpenBSD 2.8 through 4.2, allows remote attackers to guess sensitive values such as DNS transaction IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning against OpenBSD's modification of BIND. Cierto algoritmo generador de números pseudo-aleatorios(PRNG) que usa XOR y alterna en saltos de 3-bit (también conocido com o"algoritmo X3"), usado en OpenBSD de la v2.8 a la 4.2, permite a atacantes remotos adivinar datos sensibles como los IDs de una transacción DNS, observando una secuencia de datos generada previamente. NOTA: esta cuestión puede ser aprovechado por ataques como el envenenamiento de la caché DNS contra la modificación BIND en OpenBDS. • http://secunia.com/advisories/28819 http://www.securiteam.com/securityreviews/5PP0H0UNGW.html http://www.securityfocus.com/archive/1/487658 http://www.securityfocus.com/bid/27647 http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/40329 •
CVE-2008-1057
https://notcve.org/view.php?id=CVE-2008-1057
The ip6_check_rh0hdr function in netinet6/ip6_input.c in OpenBSD 4.2 allows attackers to cause a denial of service (panic) via malformed IPv6 routing headers. La función ip6_check_rh0hdr de netinet6/ip6_input.c en OpenBSD 4.2, permite a atacantes provocar una denegación de servicio (error irrecuperable del sistema) a través de cabeceras de enrutamiento IPv6 mal formadas. • http://secunia.com/advisories/29078 http://www.openbsd.org/errata42.html#008_ip6rthdr http://www.securityfocus.com/bid/27965 http://www.securitytracker.com/id?1019496 http://www.vupen.com/english/advisories/2008/0660 •
CVE-2008-1058
https://notcve.org/view.php?id=CVE-2008-1058
The tcp_respond function in netinet/tcp_subr.c in OpenBSD 4.1 and 4.2 allows attackers to cause a denial of service (panic) via crafted TCP packets. NOTE: some of these details are obtained from third party information. Vulnerabilidad de Denegación de servicio en netinet/tcp_subr.c en OpenBSD 4.1 y 4.2, que permite a atacantes remotos causar una denegación de servicio (kernel panic) a través de paquetes TCP manipulados. NOTA: algunos d estos detalles han sido obtenidos de información de terceros. • http://secunia.com/advisories/29078 http://www.openbsd.org/errata41.html#013_tcprespond http://www.openbsd.org/errata42.html#007_tcprespond http://www.securityfocus.com/bid/27949 http://www.securitytracker.com/id?1019495 http://www.vupen.com/english/advisories/2008/0660 •
CVE-2007-6700 – OpenBSD 4.1 - bgplg 'cmd' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-6700
Cross-site scripting (XSS) vulnerability in cgi-bin/bgplg in the web interface for the BGPD daemon in OpenBSD 4.1 allows remote attackers to inject arbitrary web script or HTML via the cmd parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en cgi-bin/bgplg en la interfaz web para el demonio BGPD de OpernBSD 4.1 permite a atacantes remotos inyectar web script o HTML de su elección a través del parámetro cmd. • https://www.exploit-db.com/exploits/31081 http://secunia.com/advisories/28726 http://www.mail-archive.com/misc%40openbsd.org/msg49057.html http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/bgplg/bgplg.c http://www.securityfocus.com/archive/1/487350/100/0/threaded http://www.securityfocus.com/archive/1/487369/100/0/threaded http://www.securityfocus.com/bid/27535 http://www.securitytracker.com/id?1019288 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2008-0384 – OpenBSD 4.2 - 'rtlabel_id2name()' Local Null Pointer Dereference Denial of Service
https://notcve.org/view.php?id=CVE-2008-0384
OpenBSD 4.2 allows local users to cause a denial of service (kernel panic) by calling the SIOCGIFRTLABEL IOCTL on an interface that does not have a route label, which triggers a NULL pointer dereference when the return value from the rtlabel_id2name function is not checked. OpenBSD 4.2 permtie a usuarios locales provocar denegación de servicio (kernel panic) a través de una llamada SIOCGIFRTLABEL IOCTL sobre una interfaz que no tiene una etiqueta route, el cual dispara un puntero de referencia NULL cuando devuelve el valor de la función rtlabel_id2name no está validada. • https://www.exploit-db.com/exploits/4935 http://marc.info/?l=openbsd-security-announce&m=120007327504064 http://secunia.com/advisories/28473 http://www.openbsd.org/errata42.html#005_ifrtlabel http://www.securityfocus.com/bid/27252 http://www.securitytracker.com/id?1019188 •