Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option.
Max CVSS
10.0
EPSS Score
0.51%
Published
2001-05-03
Updated
2008-09-10
The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address.
Max CVSS
7.2
EPSS Score
0.06%
Published
2001-05-03
Updated
2017-10-10
2 vulnerabilities found