CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2016-6243
https://notcve.org/view.php?id=CVE-2016-6243
07 Mar 2017 — thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a crafted value in the tsp parameter of the __thrsleep system call. thrsleep en kern/kern_synch.c en OpenBSD 5.8 y 5.9 permite a usuarios locales provocar una denegación de servicio (pánico en el kernel) a través un valor manipulado en el parámetro tsp de la llamada al sistema the __thrsleep. • http://www.openbsd.org/errata58.html • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2016-6245
https://notcve.org/view.php?id=CVE-2016-6245
07 Mar 2017 — OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a large size in a getdents system call. OpenBSD 5.8 y 5.9 permite a usuarios locales provocar una denegación de servicio (pánico en el kernel) a través de un tamaño grande en una llamada al sistema getdents. • http://www.openbsd.org/errata58.html •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 1CVE-2016-6246
https://notcve.org/view.php?id=CVE-2016-6246
07 Mar 2017 — OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the root node. OpenBSD 5.8 y 5.9 permite a ciertos usuarios locales con privilegios kern.usermount provocar una denegación de servicio (pánico en el kernel) montando un tmpfs con un VNOVAL en el (1) nombre de usuario, (2) nombre de grupo o (3) nombre de dispositivo del nodo root. • http://www.openbsd.org/errata58.html • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2016-6247
https://notcve.org/view.php?id=CVE-2016-6247
07 Mar 2017 — OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist. OpenBSD 5.8 y 5.9 permite a ciertos usuarios locales provocar una denegación de servicio (pánico en el kernel) desmontando un sistema de archivos con un vnode abierto en el mnt_vnodelist. • http://www.openbsd.org/errata58.html • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 2CVE-2016-6350
https://notcve.org/view.php?id=CVE-2016-6350
07 Mar 2017 — OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (NULL pointer dereference and panic) via a sysctl call with a path starting with 10,9. OpenBSD 5.8 y 5.9 permite a usuarios locales provocar una denegación de servicio (referencia a puntero NULL y pánico) a través de una llamada sysctl con una ruta que comienza con 10,9. • http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/kern/vfs_subr.c.diff?r1=1.248&r2=1.249 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 1CVE-2016-6244
https://notcve.org/view.php?id=CVE-2016-6244
07 Mar 2017 — The sys_thrsigdivert function in kern/kern_sig.c in the OpenBSD kernel 5.9 allows remote attackers to cause a denial of service (panic) via a negative "ts.tv_sec" value. La función sys_thrsigdivert en kern/kern_sig.c en el kernel OpenBSD 5.9 permite a atacantes remotos provocar una denegación de servicio (pánico) a través de un valor "ts.tv_sec" negativo. • http://www.openwall.com/lists/oss-security/2016/07/17/7 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 49%CPEs: 1EXPL: 4CVE-2017-5850 – OpenBSD HTTPd < 6.0 - Memory Exhaustion Denial of Service
https://notcve.org/view.php?id=CVE-2017-5850
06 Feb 2017 — httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header. httpd en OpenBSD permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de una serie de peticiones para un archivo grande utilizando un encabezado HTTP Range. OpenBSD HTTP server versions up to 6.0 suffer from a denial of service vulnerability. • https://packetstorm.news/files/id/140944 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 3%CPEs: 4EXPL: 0CVE-2014-7250
https://notcve.org/view.php?id=CVE-2014-7250
12 Dec 2014 — The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets. La pila de TCP en 4.3BSD Net/2, utilizado en FreeBSD 5.4, NetBSD posiblemente 2.0, y OpenBSD posiblemente 3.6, no implementa correctamente el temporizador de la sesión, lo que permite a atacantes remotos causar una denegación de servicio (consumo de recursos) ... • http://jvn.jp/en/jp/JVN07930208/index.html • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 20%CPEs: 4EXPL: 6CVE-2011-3336 – Libc - 'regcomp()' Stack Exhaustion Denial of Service
https://notcve.org/view.php?id=CVE-2011-3336
14 Mar 2014 — regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion. regcomp en la implementación BSD de libc, es vulnerable a una denegación de servicio debido al agotamiento de la pila. Mac OS X, Safari, Firefox and Kaspersky all suffer from a regular expression denial of service condition that was discovered long ago in regcomp(). • https://packetstorm.news/files/id/125725 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 8%CPEs: 40EXPL: 0CVE-2011-2895 – BSD compress LZW decoder buffer overflow
https://notcve.org/view.php?id=CVE-2011-2895
19 Aug 2011 — The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possib... • http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •