Shodan
Vulnerabilities
Vulnerable Software
Openbsd:  Security Vulnerabilities
CVE-2017-8301
LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if SSL_get_verify_result is relied upon for a later check of a verification result, in a use case where a user-provided verification callback returns 1, as demonstrated by acceptance of invalid certificates by nginx.
CVSS Score
5.3
EPSS Score
0.01
Published
2017-04-27
CVE-2016-1908
The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.
CVSS Score
9.8
EPSS Score
0.137
Published
2017-04-11
CVE-2017-5850
httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header.
CVSS Score
7.5
EPSS Score
0.172
Published
2017-03-27
CVE-2016-6239
The mmap extension __MAP_NOFAULT in OpenBSD 5.8 and 5.9 allows attackers to cause a denial of service (kernel panic and crash) via a large size value.
CVSS Score
5.5
EPSS Score
0.005
Published
2017-03-07
CVE-2016-6240
Integer truncation error in the amap_alloc function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value.
CVSS Score
7.8
EPSS Score
0.006
Published
2017-03-07
CVE-2016-6241
Integer overflow in the amap_alloc1 function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value.
CVSS Score
7.8
EPSS Score
0.006
Published
2017-03-07
CVE-2016-6242
OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (assertion failure and kernel panic) via a large ident value in a kevent system call.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-03-07
CVE-2016-6243
thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a crafted value in the tsp parameter of the __thrsleep system call.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-03-07
CVE-2016-6245
OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a large size in a getdents system call.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-03-07
CVE-2016-6246
OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the root node.
CVSS Score
4.4
EPSS Score
0.004
Published
2017-03-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved