Vulnerabilities (CVE)

Vendor filter

Openbsd Subscribe

Filter

273 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-6110 3 Openbsd, Winscp, Netapp 5 Openssh, Winscp, Element Software and 2 more 2019-04-18 4.0
In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
CVE-2019-6111 5 Openbsd, Winscp, Canonical and 2 more 5 Openssh, Winscp, Ubuntu Linux and 2 more 2019-04-18 5.8
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name...
CVE-2018-15473 5 Openbsd, Debian, Netapp and 2 more 16 Openssh, Debian Linux, Aff Baseboard Management Controller and 13 more 2019-04-16 5.0
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and...
CVE-2019-6109 5 Openbsd, Winscp, Netapp and 2 more 7 Openssh, Winscp, Element Software and 4 more 2019-03-25 4.0
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control...
CVE-2018-20685 5 Openbsd, Netapp, Winscp and 2 more 9 Openssh, Cloud Backup, Element Software and 6 more 2019-03-25 2.6
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
CVE-2018-15919 2 Openbsd, Netapp 6 Openssh, Cloud Backup, Data Ontap Edge and 3 more 2019-03-07 5.0
Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do...
CVE-2016-0778 5 Sophos, Hp, Apple and 2 more 6 Linux, Openssh, Solaris and 3 more 2019-02-20 4.6
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which...
CVE-2016-0777 5 Sophos, Hp, Apple and 2 more 6 Linux, Openssh, Remote Device Access Virtual Customer Access System and 3 more 2019-02-20 4.0
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by...
CVE-2016-6210 1 Openbsd 1 Openssh 2019-02-07 4.3
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing...
CVE-2016-10708 2 Openbsd, Debian 2 Openssh, Debian Linux 2018-11-07 5.0
sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
CVE-2009-0689 5 K-meleon Project, Mozilla, Netbsd and 2 more 6 Seamonkey, Freebsd, K-meleon and 3 more 2018-11-02 6.8
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0,...
CVE-2002-2280 1 Openbsd 1 Openbsd 2018-10-30 2.1
syslogd on OpenBSD 2.9 through 3.2 does not change the source IP address of syslog packets when the machine's IP addressed is changed without rebooting, e.g. via ifconfig, which can cause incorrect information to be sent to the syslog server.
CVE-2002-0572 3 Openbsd, Sun, Freebsd 4 Freebsd, Openbsd, Solaris and 1 more 2018-10-30 7.2
FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then...
CVE-2001-1244 7 Linux, Freebsd, Microsoft and 4 more 10 Hp-ux, Windows Nt, Linux Kernel and 7 more 2018-10-30 5.0
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more...
CVE-2002-1345 3 Ncftp Software, Sun, Openbsd 4 Ncftp, Openbsd, Solaris and 1 more 2018-10-30 5.0
Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences.
CVE-2001-0554 8 Freebsd, Sgi, Ibm and 5 more 9 Aix, Solaris, Kerberos and 6 more 2018-10-30 10.0
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
CVE-2002-0391 3 Openbsd, Sun, Freebsd 4 Freebsd, Openbsd, Solaris and 1 more 2018-10-30 10.0
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to...
CVE-2003-0028 10 Freebsd, Sgi, Ibm and 7 more 13 Hp-ux, Hp-ux Series 700, Aix and 10 more 2018-10-30 7.5
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code...
CVE-1999-0674 3 Openbsd, Sun, Netbsd 4 Netbsd, Openbsd, Solaris and 1 more 2018-10-30 7.2
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.
CVE-1999-0303 4 Openbsd, Netbsd, Sun and 1 more 5 Osf 1, Netbsd, Openbsd and 2 more 2018-10-30 4.6
Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.