CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-29323
https://notcve.org/view.php?id=CVE-2023-29323
ascii_load_sockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable before 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address. • https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/smtpd/envelope.c.diff?r1=1.49&r2=1.49.4.1&f=h https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/smtpd/envelope.c.diff?r1=1.50&r2=1.50.4.1&f=h https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/smtpd/envelope.c.diff?r1=1.50&r2=1.51&f=h https://ftp.openbsd.org/pub/OpenBSD/patches/7.1/common/024_smtpd.patch.sig https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/020_smtpd&# •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27567
https://notcve.org/view.php?id=CVE-2023-27567
In OpenBSD 7.2, a TCP packet with destination port 0 that matches a pf divert-to rule can crash the kernel. • https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/013_tcp.patch.sig https://github.com/openbsd/src/commit/0a543725ccdd2a01669122ce79bb67e66ede77f2 https://security.netapp.com/advisory/ntap-20230406-0001 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-27882
https://notcve.org/view.php?id=CVE-2022-27882
slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation. slaacd en OpenBSD versiones 6.9 y 7.0 anteriores a 22-03-2022, presenta un error de firma de enteros y un desbordamiento de búfer resultante en la región heap de la memoria que puede ser desencadenado por un anuncio de enrutador IPv6 diseñado. NOTA: la separación de privilegios y la cobertura pueden prevenir la explotación • https://blog.quarkslab.com/heap-overflow-in-openbsds-slaacd-via-router-advertisement.html https://ftp.openbsd.org/pub/OpenBSD/patches/6.9/common/033_slaacd.patch.sig https://ftp.openbsd.org/pub/OpenBSD/patches/7.0/common/017_slaacd.patch.sig https://security.netapp.com/advisory/ntap-20220506-0005 • CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-27881
https://notcve.org/view.php?id=CVE-2022-27881
engine.c in slaacd in OpenBSD 6.9 and 7.0 before 2022-02-21 has a buffer overflow triggerable by an IPv6 router advertisement with more than seven nameservers. NOTE: privilege separation and pledge can prevent exploitation. El archivo engine.c en slaacd en OpenBSD versiones 6.9 y 7.0 anteriores a 21-02-2022, presenta un desbordamiento de búfer desencadenable por un anuncio de enrutador IPv6 con más de siete servidores de nombre. NOTA: la separación de privilegios y la protección pueden prevenir la explotación • https://blog.quarkslab.com/heap-overflow-in-openbsds-slaacd-via-router-advertisement.html https://ftp.openbsd.org/pub/OpenBSD/patches/6.9/common/030_slaacd.patch.sig https://ftp.openbsd.org/pub/OpenBSD/patches/7.0/common/014_slaacd.patch.sig https://security.netapp.com/advisory/ntap-20220506-0005 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 2CVE-2010-4816
https://notcve.org/view.php?id=CVE-2010-4816
It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/popen.c may lead to remote denial of service of the ftpd service. Se encontró en FreeBSD versiones 8.0, 6.3 y 4.9, y en OpenBSD versiones 4.6 que una desreferencia de puntero null en el archivo ftpd/popen.c puede conllevar a una denegación de servicio remota del servicio ftpd • https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=144761 https://seclists.org/fulldisclosure/2010/Mar/117 https://seclists.org/oss-sec/2011/q3/284 • CWE-476: NULL Pointer Dereference •