chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a hard link attack on a temporary file used to store user database information.
Max CVSS
3.3
EPSS Score
0.05%
Published
2003-12-31
Updated
2017-07-29
OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, which leads to a stack-based buffer overflow.
Max CVSS
4.6
EPSS Score
0.04%
Published
2003-12-15
Updated
2016-10-18
2 vulnerabilities found