Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.
Max CVSS
10.0
EPSS Score
0.54%
Published
2000-12-11
Updated
2017-10-10
Format string vulnerability in OpenBSD photurisd allows local users to execute arbitrary commands via a configuration file directory name that contains formatting characters.
Max CVSS
4.6
EPSS Score
0.08%
Published
2000-12-11
Updated
2017-10-10
Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges.
Max CVSS
10.0
EPSS Score
0.55%
Published
2000-12-11
Updated
2008-09-05
Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges.
Max CVSS
7.2
EPSS Score
0.05%
Published
2000-12-19
Updated
2018-05-03
Format string vulnerability in OpenBSD su program (and possibly other BSD-based operating systems) allows local attackers to gain root privileges via a malformed shell.
Max CVSS
7.2
EPSS Score
0.05%
Published
2000-12-19
Updated
2018-05-03
Format string vulnerability in OpenBSD yp_passwd program (and possibly other BSD-based operating systems) allows attackers to gain root privileges a malformed name.
Max CVSS
7.2
EPSS Score
0.06%
Published
2000-12-19
Updated
2018-05-03
Format string vulnerability in OpenBSD fstat program (and possibly other BSD-based operating systems) allows local users to gain root privileges via the PWD environmental variable.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-12-19
Updated
2018-05-03
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-12-19
Updated
2017-10-10
Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack.
Max CVSS
5.0
EPSS Score
0.77%
Published
2000-12-19
Updated
2018-05-03
The IPSEC implementation in OpenBSD 2.7 does not properly handle empty AH/ESP packets, which allows remote attackers to cause a denial of service.
Max CVSS
5.0
EPSS Score
0.81%
Published
2000-12-19
Updated
2018-05-03
OpenBSD 2.6 and earlier allows remote attackers to cause a denial of service by flooding the server with ARP requests.
Max CVSS
5.0
EPSS Score
1.16%
Published
2000-12-19
Updated
2017-10-10
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.
Max CVSS
7.5
EPSS Score
9.15%
Published
2000-10-20
Updated
2008-09-05
Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name.
Max CVSS
7.5
EPSS Score
0.89%
Published
2000-10-20
Updated
2008-09-10
FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands.
Max CVSS
5.0
EPSS Score
4.08%
Published
2000-07-07
Updated
2008-09-10
OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary commands by providing the command to the ssh daemon.
Max CVSS
10.0
EPSS Score
0.19%
Published
2000-06-08
Updated
2017-10-10
The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program.
Max CVSS
5.1
EPSS Score
0.60%
Published
2000-02-24
Updated
2008-09-10
The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP.
Max CVSS
4.6
EPSS Score
0.04%
Published
2000-02-11
Updated
2022-08-17
The BSD make program allows local users to modify files via a symlink attack when the -j option is being used.
Max CVSS
6.2
EPSS Score
0.05%
Published
2000-01-19
Updated
2011-03-08
18 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!