CVE-2020-7247

Known exploited
Public exploit
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration. The issue exists because of an incorrect return value upon failure of input validation.
Max CVSS
10.0
EPSS Score
97.50%
Published
2020-01-29
Updated
2022-04-29
CISA KEV Added
2022-03-25

CVE-2019-19726

Public exploit
OpenBSD through 6.6 allows local users to escalate to root because a check for LD_LIBRARY_PATH in setuid programs can be defeated by setting a very small RLIMIT_DATA resource limit. When executing chpass or passwd (which are setuid root), _dl_setup_env in ld.so tries to strip LD_LIBRARY_PATH from the environment, but fails when it cannot allocate memory. Thus, the attacker is able to execute their own library code as root.
Max CVSS
7.8
EPSS Score
0.06%
Published
2019-12-12
Updated
2023-10-06

CVE-2018-15473

Public exploit
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
Max CVSS
5.3
EPSS Score
2.36%
Published
2018-08-17
Updated
2023-02-23

CVE-2016-6210

Public exploit
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.
Max CVSS
5.9
EPSS Score
10.74%
Published
2017-02-13
Updated
2022-12-13

CVE-2003-0190

Public exploit
OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which allows remote attackers to determine valid usernames via a timing attack.
Max CVSS
5.0
EPSS Score
6.45%
Published
2003-05-12
Updated
2024-02-15
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!