Search Results (349 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1459 1 Openbsd 1 Openssh 2026-04-16 N/A
OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d.
CVE-2001-0554 10 Debian, Freebsd, Ibm and 7 more 12 Debian Linux, Freebsd, Aix and 9 more 2026-04-16 N/A
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
CVE-1999-0396 2 Netbsd, Openbsd 2 Netbsd, Openbsd 2026-04-16 N/A
A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.
CVE-1999-0482 1 Openbsd 1 Openbsd 2026-04-16 N/A
OpenBSD kernel crash through TSS handling, as caused by the crashme program.
CVE-1999-0483 1 Openbsd 1 Openbsd 2026-04-16 N/A
OpenBSD crash using nlink value in FFS and EXT2FS filesystems.
CVE-2001-0572 3 Openbsd, Redhat, Ssh 3 Openssh, Linux, Ssh 2026-04-16 N/A
The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: (1) password lengths or ranges of lengths, which simplifies brute force password guessing, (2) whether RSA or DSA authentication is being used, (3) the number of authorized_keys in RSA authentication, or (4) the lengths of shell commands.
CVE-1999-0703 3 Bsdi, Freebsd, Openbsd 3 Bsd Os, Freebsd, Openbsd 2026-04-16 N/A
OpenBSD, BSDI, and other Unix operating systems allow users to set chflags and fchflags on character and block devices.
CVE-1999-0724 1 Openbsd 1 Openbsd 2026-04-16 N/A
Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function.
CVE-1999-1010 1 Openbsd 1 Openssh 2026-04-16 N/A
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.
CVE-2001-1585 1 Openbsd 1 Openssh 2026-04-16 N/A
SSH protocol 2 (aka SSH-2) public key authentication in the development snapshot of OpenSSH 2.3.1, available from 2001-01-18 through 2001-02-08, does not perform a challenge-response step to ensure that the client has the proper private key, which allows remote attackers to bypass authentication as other users by supplying a public key from that user's authorized_keys file.
CVE-1999-1214 5 Bsd, Freebsd, Netbsd and 2 more 5 Bsd, Freebsd, Netbsd and 2 more 2026-04-16 N/A
The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.
CVE-2001-0816 2 Openbsd, Redhat 2 Openssh, Linux 2026-04-16 N/A
OpenSSH before 2.9.9, when running sftp using sftp-server and using restricted keypairs, allows remote authenticated users to bypass authorized_keys2 command= restrictions using sftp commands.
CVE-2000-0143 2 Openbsd, Ssh 2 Openssh, Ssh 2026-04-16 N/A
The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP.
CVE-2003-0078 4 Freebsd, Openbsd, Openssl and 1 more 6 Freebsd, Openbsd, Openssl and 3 more 2026-04-16 N/A
ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack."
CVE-2000-0309 1 Openbsd 1 Openbsd 2026-04-16 N/A
The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service.
CVE-2000-0310 1 Openbsd 1 Openbsd 2026-04-16 N/A
IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause a denial of service by sending a large number of fragmented packets.
CVE-2000-0313 1 Openbsd 1 Openbsd 2026-04-16 N/A
Vulnerability in OpenBSD 2.6 allows a local user to change interface media configurations.
CVE-2000-0489 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2026-04-16 N/A
FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers.
CVE-2000-0525 1 Openbsd 1 Openssh 2026-04-16 N/A
OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary commands by providing the command to the ssh daemon.
CVE-2000-0574 2 Openbsd, Washington University 2 Ftpd, Wu-ftpd 2026-04-16 N/A
FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands.