CVSS: 6.8EPSS: 1%CPEs: 198EXPL: 0CVE-2008-1148
https://notcve.org/view.php?id=CVE-2008-1148
A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka "Algorithm A0"), as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attackers to guess sensitive values such as (1) DNS transaction IDs or (2) IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning, injection into TCP packets, and OS fingerprinting. Cierto algoritmo generador de números pseudo-aleatorios(PRNG) que usa ADD con 0 saltos aleatorios(también conocido como "algoritmo A0"), usado en OpenBSD de la v3.5 a la 4.2 y NetBSD v1.6.2 a la 4.0, permite a atacantes remotos adivinar datos sensibles como (1)los IDs de una transacción DNS, (2)IDs de una fragmentación IP observando una secuencias generadas previamente. NOTA: este fallo puede ser aprovechado por ataques como el envenenamiento de la cachés DNS, la inyección de paquetes TCP y OS fingerprinting. • http://secunia.com/advisories/28819 http://www.securiteam.com/securityreviews/5PP0H0UNGW.html http://www.securityfocus.com/archive/1/487658 http://www.securityfocus.com/bid/27647 http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/40329 https://exchange.xforce.ibmcloud.com/vulnerabilities/41157 •
CVSS: 6.8EPSS: 1%CPEs: 198EXPL: 0CVE-2008-1146
https://notcve.org/view.php?id=CVE-2008-1146
A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka "Algorithm X3"), as used in OpenBSD 2.8 through 4.2, allows remote attackers to guess sensitive values such as DNS transaction IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning against OpenBSD's modification of BIND. Cierto algoritmo generador de números pseudo-aleatorios(PRNG) que usa XOR y alterna en saltos de 3-bit (también conocido com o"algoritmo X3"), usado en OpenBSD de la v2.8 a la 4.2, permite a atacantes remotos adivinar datos sensibles como los IDs de una transacción DNS, observando una secuencia de datos generada previamente. NOTA: esta cuestión puede ser aprovechado por ataques como el envenenamiento de la caché DNS contra la modificación BIND en OpenBDS. • http://secunia.com/advisories/28819 http://www.securiteam.com/securityreviews/5PP0H0UNGW.html http://www.securityfocus.com/archive/1/487658 http://www.securityfocus.com/bid/27647 http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/40329 •
CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 0CVE-2007-0343
https://notcve.org/view.php?id=CVE-2007-0343
OpenBSD before 20070116 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via certain IPv6 ICMP (aka ICMP6) echo request packets. OpenBSD anterior a 20070116 permite a atacantes remotos provocar una denegación de servicio (bucle infinito y agotamiento de CPU) a través de ciertos IPv6 ICMP (también conocido como ICMP6) repitiendo los paquetes de peticiones. • http://secunia.com/advisories/23830 http://securitytracker.com/id?1017518 http://www.openbsd.org/errata.html#icmp6 http://www.openbsd.org/errata39.html#icmp6 http://www.osvdb.org/32935 http://www.securityfocus.com/bid/22087 •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 2CVE-2005-4351
https://notcve.org/view.php?id=CVE-2005-4351
The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running. • http://archives.neohapsis.com/archives/openbsd/2005-10/1523.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041177.html http://www.redteam-pentesting.de/advisories/rt-sa-2005-015.txt http://www.redteam-pentesting.de/advisories/rt-sa-2005-15.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/24037 •
CVSS: 5.0EPSS: 4%CPEs: 17EXPL: 1CVE-2005-0740
https://notcve.org/view.php?id=CVE-2005-0740
The TCP stack (tcp_input.c) in OpenBSD 3.5 and 3.6 allows remote attackers to cause a denial of service (system panic) via crafted values in the TCP timestamp option, which causes invalid arguments to be used when calculating the retransmit timeout. • http://secunia.com/advisories/13819 http://securitytracker.com/id?1012861 http://www.openbsd.org/errata35.html http://www.securityfocus.com/bid/12250 •