CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2004-1799
https://notcve.org/view.php?id=CVE-2004-1799
31 Dec 2004 — PF in certain OpenBSD versions, when stateful filtering is enabled, does not limit packets for a session to the original interface, which allows remote attackers to bypass intended packet filters via spoofed packets to other interfaces. • http://marc.info/?l=full-disclosure&m=107331321302113&w=2 •
CVSS: 9.1EPSS: 1%CPEs: 3EXPL: 0CVE-2004-2163
https://notcve.org/view.php?id=CVE-2004-2163
31 Dec 2004 — login_radius on OpenBSD 3.2, 3.5, and possibly other versions does not verify the shared secret in a response packet from a RADIUS server, which allows remote attackers to bypass authentication by spoofing server replies. • http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0058.html •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2004-2338
https://notcve.org/view.php?id=CVE-2004-2338
31 Dec 2004 — OpenBSD 3.3 and 3.4 does not properly parse Accept and Deny rules without netmasks on big-endian 64-bit platforms such as SPARC64, which may allow remote attackers to bypass access restrictions. • http://www.openbsd.org/errata33.html •
CVSS: 7.5EPSS: 2%CPEs: 7EXPL: 0CVE-2004-0257
https://notcve.org/view.php?id=CVE-2004-0257
01 Sep 2004 — OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service (crash) by sending an IPv6 packet with a small MTU to a listening port and then issuing a TCP connect to that port. OpenBSD 3.4 y NetBSD 1.6 y 1.6.1 permiten a atacantes remotos causar una denegación de servicio (caida) enviand un paquete IPv6 con una MTU pequeña a un puerto en escucha y a continuación un conectar TCP a ese puerto. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-002.txt.asc •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2004-0819
https://notcve.org/view.php?id=CVE-2004-0819
25 Aug 2004 — The bridge functionality in OpenBSD 3.4 and 3.5, when running a gateway configured as a bridging firewall with the link2 option for IPSec enabled, allows remote attackers to cause a denial of service (crash) via an ICMP echo (ping) packet. • http://marc.info/?l=bugtraq&m=109345131508824&w=2 •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2004-0218
https://notcve.org/view.php?id=CVE-2004-0218
25 Mar 2004 — isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (infinite loop) via an ISAKMP packet with a zero-length payload, as demonstrated by the Striker ISAKMP Protocol Test Suite. isakmpd en OpenBSD 3.4 y anteriores permite a atacantes remotos causar una denegación de servicio (bucle infinito) mediante un paquete ISAKMP con una carga útil de logitud cero, como se ha demostrado por la Suite de pruebas de protocolos ISAKMP Striker. • http://marc.info/?l=bugtraq&m=108008530028019&w=2 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2004-0219
https://notcve.org/view.php?id=CVE-2004-0219
25 Mar 2004 — isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a malformed IPSEC SA payload, as demonstrated by the Striker ISAKMP Protocol Test Suite. isakmpd en OpenBSD 3.4 y anteriores permite a atacantes causar una denegación de servicio (caída) mediante un paquete ISAKMP con una carga útil IPSEC SA, como se ha demostrado por el paquete de pruebas de protocolos ISAKMP Striker. • http://marc.info/?l=bugtraq&m=108008530028019&w=2 •
CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 0CVE-2004-0220
https://notcve.org/view.php?id=CVE-2004-0220
25 Mar 2004 — isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via an ISAKMP packet with a malformed Cert Request payload, which causes an integer underflow that is used in a malloc operation that is not properly handled, as demonstrated by the Striker ISAKMP Protocol Test Suite. isakmpd en OpenBSD 3.4 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio a través de un paquete ISAKMP con una carga útil Cert Request malformada, lo que provoca un desb... • http://marc.info/?l=bugtraq&m=108008530028019&w=2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2004-0221
https://notcve.org/view.php?id=CVE-2004-0221
25 Mar 2004 — isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a delete payload containing a large number of SPIs, which triggers an out-of-bounds read error, as demonstrated by the Striker ISAKMP Protocol Test Suite. isakmpd en OpenBSD 3.4 y anteriores permite a atacantes remotos causar una denegación de servicio (caída) mediante un paquete ISAKMP con una carga útil de borrado conteniendo un gran número de SPIs, lo que dispara un error de lectura f... • http://marc.info/?l=bugtraq&m=108008530028019&w=2 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2004-0222
https://notcve.org/view.php?id=CVE-2004-0222
25 Mar 2004 — Multiple memory leaks in isakmpd in OpenBSD 3.4 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via certain ISAKMP packets, as demonstrated by the Striker ISAKMP Protocol Test Suite. Múltiples fugas de memoria en isakmpd en OpenBSD 3.4 y anteriores permite a atacantes remotos causar una denegación de servicio (consumición de memoria) mediante ciertos paquetes ISAKMP, como se ha demostrado por el paquete de pruebas de protocolos ISAKMP Striker. • http://marc.info/?l=bugtraq&m=108008530028019&w=2 • CWE-401: Missing Release of Memory after Effective Lifetime •