The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference.
Max CVSS
5.5
EPSS Score
0.06%
Published
2001-12-31
Updated
2024-02-16
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
Max CVSS
5.0
EPSS Score
1.18%
Published
2001-07-07
Updated
2018-10-30
Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor in one process, then setting the descriptor to NULL via a close in another process that is created via rfork.
Max CVSS
1.2
EPSS Score
0.04%
Published
2001-06-02
Updated
2017-12-19
Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option.
Max CVSS
10.0
EPSS Score
0.51%
Published
2001-05-03
Updated
2008-09-10
IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause a denial of service by sending a large number of fragmented packets.
Max CVSS
5.0
EPSS Score
0.33%
Published
2001-03-12
Updated
2008-09-10
The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service.
Max CVSS
2.1
EPSS Score
0.04%
Published
2001-03-12
Updated
2008-09-10
6 vulnerabilities found