Page 7 of 40 results (0.008 seconds)

CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0

syslogd on OpenBSD 2.9 through 3.2 does not change the source IP address of syslog packets when the machine's IP addressed is changed without rebooting, e.g. via ifconfig, which can cause incorrect information to be sent to the syslog server. • http://archives.neohapsis.com/archives/bugtraq/2002-11/0272.html http://www.securityfocus.com/bid/6219 https://exchange.xforce.ibmcloud.com/vulnerabilities/10702 • CWE-16: Configuration •

CVSS: 6.8EPSS: 0%CPEs: 12EXPL: 1

The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, which allows local users to write to kernel memory and possibly gain root privileges, possibly via an integer signedness error. • ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/032_kerntime.patch http://www.iss.net/security_center/static/10278.php http://www.openbsd.org/plus32.html http://www.securityfocus.com/bid/5861 •

CVSS: 3.7EPSS: 0%CPEs: 52EXPL: 0

Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:08.exec.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-001.txt.asc http://www.osvdb.org/19475 http://www.securityfocus.com/bid/3891 https://exchange.xforce.ibmcloud.com/vulnerabilities/7945 •

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0

OpenBSD 2.9 through 3.1 allows local users to cause a denial of service (resource exhaustion) and gain root privileges by filling the kernel's file descriptor table and closing file descriptors 0, 1, or 2 before executing a privileged process, which is not properly handled when OpenBSD fails to open an alternate descriptor. • http://online.securityfocus.com/archive/1/271702 http://www.iss.net/security_center/static/9048.php http://www.kb.cert.org/vuls/id/314963 http://www.openbsd.org/errata.html#fdalloc2 http://www.osvdb.org/5114 http://www.osvdb.org/5715 http://www.securityfocus.com/bid/4708 •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 3

mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron. • https://www.exploit-db.com/exploits/21373 http://marc.info/?l=bugtraq&m=101855467811695&w=2 http://online.securityfocus.com/archive/1/267089 http://www.iss.net/security_center/static/8818.php http://www.openbsd.org/errata30.html#mail http://www.osvdb.org/5269 http://www.securityfocus.com/bid/4495 •