CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2016-6243
https://notcve.org/view.php?id=CVE-2016-6243
thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a crafted value in the tsp parameter of the __thrsleep system call. thrsleep en kern/kern_synch.c en OpenBSD 5.8 y 5.9 permite a usuarios locales provocar una denegación de servicio (pánico en el kernel) a través un valor manipulado en el parámetro tsp de la llamada al sistema the __thrsleep. • http://www.openbsd.org/errata58.html http://www.openbsd.org/errata59.html http://www.openwall.com/lists/oss-security/2016/07/14/5 http://www.openwall.com/lists/oss-security/2016/07/17/7 http://www.securityfocus.com/bid/91805 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2016-6522
https://notcve.org/view.php?id=CVE-2016-6522
Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping to overlap with an existing mapping. Desbordamiento de entero en la función uvm_map_isavail en uvm/uvm_map.c en OpenBSD 5.9 permite a usuarios locales provocar una denegación de servicio (pánico en el kernel) a través de una llamada mmap manipulada, lo que desencadena el nuevo mapeo para superponerse con un mapeo existente. • http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/023_uvmisavail.patch.sig http://www.openwall.com/lists/oss-security/2016/08/02/12 http://www.openwall.com/lists/oss-security/2016/08/02/8 http://www.securityfocus.com/bid/92264 • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 1CVE-2016-6246
https://notcve.org/view.php?id=CVE-2016-6246
OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the root node. OpenBSD 5.8 y 5.9 permite a ciertos usuarios locales con privilegios kern.usermount provocar una denegación de servicio (pánico en el kernel) montando un tmpfs con un VNOVAL en el (1) nombre de usuario, (2) nombre de grupo o (3) nombre de dispositivo del nodo root. • http://www.openbsd.org/errata58.html http://www.openbsd.org/errata59.html http://www.openwall.com/lists/oss-security/2016/07/14/5 http://www.openwall.com/lists/oss-security/2016/07/17/7 http://www.securityfocus.com/bid/91805 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2016-6244
https://notcve.org/view.php?id=CVE-2016-6244
The sys_thrsigdivert function in kern/kern_sig.c in the OpenBSD kernel 5.9 allows remote attackers to cause a denial of service (panic) via a negative "ts.tv_sec" value. La función sys_thrsigdivert en kern/kern_sig.c en el kernel OpenBSD 5.9 permite a atacantes remotos provocar una denegación de servicio (pánico) a través de un valor "ts.tv_sec" negativo. • http://www.openwall.com/lists/oss-security/2016/07/17/7 http://www.securityfocus.com/bid/91805 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 3CVE-2017-5850 – OpenBSD HTTPd < 6.0 - Memory Exhaustion Denial of Service
https://notcve.org/view.php?id=CVE-2017-5850
httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header. httpd en OpenBSD permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de una serie de peticiones para un archivo grande utilizando un encabezado HTTP Range. OpenBSD HTTP server versions up to 6.0 suffer from a denial of service vulnerability. • https://www.exploit-db.com/exploits/41278 http://marc.info/?l=openbsd-cvs&m=148587359420912&w=2 http://packetstormsecurity.com/files/140944/OpenBSD-HTTP-Server-6.0-Denial-Of-Service.html http://seclists.org/fulldisclosure/2017/Feb/15 http://www.openwall.com/lists/oss-security/2017/02/02/6 http://www.securityfocus.com/bid/95997 http://www.securitytracker.com/id/1037758 https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/034_httpd.patch.sig https://ftp.openbsd.or • CWE-770: Allocation of Resources Without Limits or Throttling •