Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openbsd openbsd 3.9 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-6164
The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 and 4.0 does not properly remove duplicate environment variables, which allows local users to pass dangerous variables such as LD_PRELOAD to loading processes, which might be leveraged to gain privileges.
Openbsd Openbsd 4.0
Openbsd Openbsd 3.9
NA
CVE-2007-1365
Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote malicious users to execute arbitrary code via fragmented IPv6 packets due to "incorrect mbuf handling for ICMP6 packets." NOTE: this was originally reported as a denial of service.
Openbsd Openbsd 4.0
Openbsd Openbsd 3.9
1 EDB exploit
NA
CVE-2006-4435
OpenBSD 3.8, 3.9, and possibly earlier versions allows context-dependent malicious users to cause a denial of service (kernel panic) by allocating more semaphores than the default.
Openbsd Openbsd 3.9
Openbsd Openbsd 3.8
NA
CVE-2006-4436
isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations (SA) with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote malicious users to replay IPSec packets and bypass the replay protection.
Openbsd Openbsd 3.8
Openbsd Openbsd 3.9
NA
CVE-2007-0085
Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics driver for wscons in OpenBSD 3.9 and 4.0, when the kernel is compiled with the PCIAGP option and a non-AGP device is being used, allows local users to gain privileges via unspecified vectors, possibly related ...
Openbsd Openbsd 3.9
Openbsd Openbsd 4.0
1 EDB exploit
NA
CVE-2006-5218
Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl.
Netbsd Netbsd 3.0
Openbsd Openbsd 3.8
Openbsd Openbsd 3.9
NA
CVE-2009-0537
Integer overflow in the fts_build function in fts.c in libc in (1) OpenBSD 4.4 and previous versions and (2) Microsoft Interix 6.0 build 10.0.6030.0 allows context-dependent malicious users to cause a denial of service (application crash) via a deep directory tree, related to the...
Openbsd Openbsd 4.1
Openbsd Openbsd 3.7
Openbsd Openbsd 2.8
Openbsd Openbsd 3.8
Openbsd Openbsd
Openbsd Openbsd 3.1
Openbsd Openbsd 3.3
Openbsd Openbsd 2.9
Openbsd Openbsd 2.1
Openbsd Openbsd 2.2
Openbsd Openbsd 3.9
Openbsd Openbsd 2.0
Openbsd Openbsd 2.7
Openbsd Openbsd 3.2
Openbsd Openbsd 2.4
Openbsd Openbsd 4.2
Openbsd Openbsd 3.6
Openbsd Openbsd 3.0
Openbsd Openbsd 4.0
Openbsd Openbsd 3.5
Microsoft Interix 6.0
Openbsd Openbsd 2.6
NA
CVE-2011-2168
Multiple integer overflows in the glob implementation in libc in OpenBSD prior to 4.9 might allow context-dependent malicious users to have an unspecified impact via a crafted string, related to the GLOB_APPEND and GLOB_DOOFFS flags, a different issue than CVE-2011-0418.
Openbsd Openbsd 4.1
Openbsd Openbsd 3.7
Openbsd Openbsd 2.8
Openbsd Openbsd 3.8
Openbsd Openbsd 4.4
Openbsd Openbsd 3.1
Openbsd Openbsd 3.3
Openbsd Openbsd 2.9
Openbsd Openbsd 4.7
Openbsd Openbsd 2.1
Openbsd Openbsd 2.2
Openbsd Openbsd 3.9
Openbsd Openbsd 2.0
Openbsd Openbsd 2.7
Openbsd Openbsd 3.2
Openbsd Openbsd 4.5
Openbsd Openbsd 2.4
Openbsd Openbsd 4.2
Openbsd Openbsd 3.6
Openbsd Openbsd 3.0
Openbsd Openbsd 4.0
Openbsd Openbsd 3.5
1 Github repository
NA
CVE-2005-2666
SSH, as implemented in OpenSSH prior to 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user's account to generate a list of additional ta...
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1p1
Openbsd Openssh 3.1
Openbsd Openssh 3.0.2p1
Openbsd Openssh 3.8.1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.1p1
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.9
Openbsd Openssh 3.0
Openbsd Openssh 3.2
Openbsd Openssh 3.6
Openbsd Openssh 3.7
Openbsd Openssh 3.5p1
Openbsd Openssh 3.0.1p1
Openbsd Openssh 3.3
Openbsd Openssh 3.2.2p1
Openbsd Openssh 3.9.1p1
Openbsd Openssh 3.0.2
Openbsd Openssh 3.4p1
Openbsd Openssh 3.6.1p1
NA
CVE-2006-0225
scp in OpenSSH 4.2p1 allows malicious users to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.
Openbsd Openssh 3.0p1
Openbsd Openssh 3.1
Openbsd Openssh 3.4
Openbsd Openssh 3.4p1
Openbsd Openssh 3.7
Openbsd Openssh 3.7.1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 4.0p1
Openbsd Openssh 4.1p1
Openbsd Openssh 3.0.2
Openbsd Openssh 3.0.2p1
Openbsd Openssh 3.3
Openbsd Openssh 3.3p1
Openbsd Openssh 3.6.1p1
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.9.1
Openbsd Openssh 3.9.1p1
Openbsd Openssh 3.0
Openbsd Openssh 3.1p1
Openbsd Openssh 3.2
Openbsd Openssh 3.5
Openbsd Openssh 3.5p1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »