Openbsd : Security Vulnerabilities, CVEs, Published In 2014 (Denial of service)

CVE-2014-9424

Double free vulnerability in the ssl_parse_clienthello_use_srtp_ext function in d1_srtp.c in LibreSSL before 2.1.2 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a certain length-verification error during processing of a DTLS handshake.
Max CVSS
7.5
EPSS Score
0.34%
Published
2014-12-29
Updated
2014-12-30

CVE-2014-7250

The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
Max CVSS
5.0
EPSS Score
0.46%
Published
2014-12-12
Updated
2014-12-12

CVE-2014-1692

The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.
Max CVSS
7.5
EPSS Score
4.27%
Published
2014-01-29
Updated
2023-02-13

CVE-2013-2125

OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause a denial of service (connection blocking) by keeping a connection open.
Max CVSS
5.0
EPSS Score
0.89%
Published
2014-05-27
Updated
2017-08-29
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close