Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2001-0144

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-07 May, 2001 | 04:00
Updated At-08 Aug, 2024 | 04:06
Rejected At-
Credits

CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:07 May, 2001 | 04:00
Updated At:08 Aug, 2024 | 04:06
Rejected At:
▼CVE Numbering Authority (CNA)

CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/2347
vdb-entry
x_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/6083
vdb-entry
x_refsource_XF
http://www.osvdb.org/503
vdb-entry
x_refsource_OSVDB
http://marc.info/?l=bugtraq&m=98168366406903&w=2
mailing-list
x_refsource_BUGTRAQ
http://www.osvdb.org/795
vdb-entry
x_refsource_OSVDB
http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
vendor-advisory
x_refsource_BINDVIEW
http://www.cert.org/advisories/CA-2001-35.html
third-party-advisory
x_refsource_CERT
Hyperlink: http://www.securityfocus.com/bid/2347
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/6083
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.osvdb.org/503
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://marc.info/?l=bugtraq&m=98168366406903&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.osvdb.org/795
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
Resource:
vendor-advisory
x_refsource_BINDVIEW
Hyperlink: http://www.cert.org/advisories/CA-2001-35.html
Resource:
third-party-advisory
x_refsource_CERT
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/2347
vdb-entry
x_refsource_BID
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/6083
vdb-entry
x_refsource_XF
x_transferred
http://www.osvdb.org/503
vdb-entry
x_refsource_OSVDB
x_transferred
http://marc.info/?l=bugtraq&m=98168366406903&w=2
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.osvdb.org/795
vdb-entry
x_refsource_OSVDB
x_transferred
http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
vendor-advisory
x_refsource_BINDVIEW
x_transferred
http://www.cert.org/advisories/CA-2001-35.html
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: http://www.securityfocus.com/bid/2347
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/6083
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.osvdb.org/503
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=98168366406903&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.osvdb.org/795
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
Resource:
vendor-advisory
x_refsource_BINDVIEW
x_transferred
Hyperlink: http://www.cert.org/advisories/CA-2001-35.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:12 Mar, 2001 | 05:00
Updated At:03 Apr, 2025 | 01:03

CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
OpenBSD
openbsd
>>openssh>>1.2.2
cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openssh>>1.2.3
cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openssh>>2.1
cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openssh>>2.1.1
cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openssh>>2.2
cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*
ssh
ssh
>>ssh>>1.2.24
cpe:2.3:a:ssh:ssh:1.2.24:*:*:*:*:*:*:*
ssh
ssh
>>ssh>>1.2.25
cpe:2.3:a:ssh:ssh:1.2.25:*:*:*:*:*:*:*
ssh
ssh
>>ssh>>1.2.26
cpe:2.3:a:ssh:ssh:1.2.26:*:*:*:*:*:*:*
ssh
ssh
>>ssh>>1.2.27
cpe:2.3:a:ssh:ssh:1.2.27:*:*:*:*:*:*:*
ssh
ssh
>>ssh>>1.2.28
cpe:2.3:a:ssh:ssh:1.2.28:*:*:*:*:*:*:*
ssh
ssh
>>ssh>>1.2.29
cpe:2.3:a:ssh:ssh:1.2.29:*:*:*:*:*:*:*
ssh
ssh
>>ssh>>1.2.30
cpe:2.3:a:ssh:ssh:1.2.30:*:*:*:*:*:*:*
ssh
ssh
>>ssh>>1.2.31
cpe:2.3:a:ssh:ssh:1.2.31:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://marc.info/?l=bugtraq&m=98168366406903&w=2cve@mitre.org
N/A
http://razor.bindview.com/publish/advisories/adv_ssh1crc.htmlcve@mitre.org
Patch
Vendor Advisory
http://www.cert.org/advisories/CA-2001-35.htmlcve@mitre.org
US Government Resource
http://www.osvdb.org/503cve@mitre.org
N/A
http://www.osvdb.org/795cve@mitre.org
N/A
http://www.securityfocus.com/bid/2347cve@mitre.org
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6083cve@mitre.org
N/A
http://marc.info/?l=bugtraq&m=98168366406903&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://razor.bindview.com/publish/advisories/adv_ssh1crc.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.cert.org/advisories/CA-2001-35.htmlaf854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.osvdb.org/503af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.osvdb.org/795af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/2347af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6083af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://marc.info/?l=bugtraq&m=98168366406903&w=2
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.cert.org/advisories/CA-2001-35.html
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.osvdb.org/503
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.osvdb.org/795
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/2347
Source: cve@mitre.org
Resource:
Exploit
Patch
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/6083
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=98168366406903&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.cert.org/advisories/CA-2001-35.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.osvdb.org/503
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.osvdb.org/795
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/2347
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/6083
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

28Records found
CVE-2004-0416
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-43.03% / 97.40%
||
7 Day CHG~0.00%
Published-11 Jun, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.

Action-Not Available
Vendor-openpkgcvsn/aOpenBSDGentoo Foundation, Inc.Silicon Graphics, Inc.
Product-propackopenbsdcvsopenpkglinuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2004-0418
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-14.28% / 94.14%
||
7 Day CHG~0.00%
Published-11 Jun, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.

Action-Not Available
Vendor-openpkgcvsn/aOpenBSDGentoo Foundation, Inc.Silicon Graphics, Inc.
Product-propackopenbsdcvsopenpkglinuxn/a
CVE-2004-0492
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-19.74% / 95.22%
||
7 Day CHG~0.00%
Published-23 Jun, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.

Action-Not Available
Vendor-n/aThe Apache Software FoundationSilicon Graphics, Inc.IBM CorporationOpenBSDHP Inc.
Product-propackopenbsdhttp_servervvoswebproxyvirtualvaultn/a
CVE-2004-0414
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-5.25% / 89.60%
||
7 Day CHG~0.00%
Published-11 Jun, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.

Action-Not Available
Vendor-openpkgcvsn/aOpenBSDGentoo Foundation, Inc.Silicon Graphics, Inc.
Product-propackopenbsdcvsopenpkglinuxn/a
CVE-2004-0220
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.87% / 85.74%
||
7 Day CHG~0.00%
Published-25 Mar, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via an ISAKMP packet with a malformed Cert Request payload, which causes an integer underflow that is used in a malloc operation that is not properly handled, as demonstrated by the Striker ISAKMP Protocol Test Suite.

Action-Not Available
Vendor-n/aOpenBSD
Product-openbsdn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2004-0083
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.12% / 83.41%
||
7 Day CHG~0.00%
Published-14 Feb, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106.

Action-Not Available
Vendor-xfree86_projectn/aOpenBSD
Product-x11r6openbsdn/a
CVE-2003-0693
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-32.68% / 96.71%
||
7 Day CHG~0.00%
Published-17 Sep, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695.

Action-Not Available
Vendor-n/aOpenBSD
Product-opensshn/a
CVE-2004-0084
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-14.63% / 94.21%
||
7 Day CHG~0.00%
Published-14 Feb, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CVE-2004-0083 and CVE-2004-0106.

Action-Not Available
Vendor-xfree86_projectn/aOpenBSD
Product-x11r6openbsdn/a
CVE-2003-0786
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.17% / 88.24%
||
7 Day CHG+1.83%
Published-25 Sep, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges.

Action-Not Available
Vendor-n/aOpenBSD
Product-opensshn/a
CVE-2002-1645
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-12.90% / 93.78%
||
7 Day CHG~0.00%
Published-28 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the URL catcher feature for SSH Secure Shell for Workstations client 3.1 to 3.2.0 allows remote attackers to execute arbitrary code via a long URL.

Action-Not Available
Vendor-sshn/a
Product-ssh2n/a
CVE-2002-0640
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-61.12% / 98.25%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authentication (PAMAuthenticationViaKbdInt).

Action-Not Available
Vendor-n/aOpenBSD
Product-opensshn/a
CVE-2002-0639
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-30.29% / 96.52%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.

Action-Not Available
Vendor-n/aOpenBSD
Product-opensshn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2002-0083
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.08% / 88.08%
||
7 Day CHG~0.00%
Published-25 Jun, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.

Action-Not Available
Vendor-trustixconectivaimmunixopenpkgengardelinuxn/aSUSEOpenBSDRed Hat, Inc.Mandriva (Mandrakesoft)
Product-opensshmandrake_linux_corporate_serveropenpkgimmunixsuse_linuxmandrake_single_network_firewalllinuxsecure_linuxmandrake_linuxn/a
CWE ID-CWE-193
Off-by-one Error
CVE-2002-0391
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.57% / 88.78%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.

Action-Not Available
Vendor-n/aOpenBSDFreeBSD FoundationMicrosoft CorporationSun Microsystems (Oracle Corporation)
Product-windows_ntopenbsdsolariswindows_xpsunosfreebsdwindows_2000n/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2006-4304
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-6.86% / 90.98%
||
7 Day CHG-0.17%
Published-24 Aug, 2006 | 00:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp driver.

Action-Not Available
Vendor-n/aOpenBSDNetBSDFreeBSD Foundation
Product-netbsdopenbsdfreebsdn/a
CVE-2001-0554
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-16.67% / 94.66%
||
7 Day CHG-10.76%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

Action-Not Available
Vendor-netkitn/aNetBSDMIT (Massachusetts Institute of Technology)IBM CorporationSilicon Graphics, Inc.Debian GNU/LinuxOpenBSDFreeBSD FoundationSun Microsystems (Oracle Corporation)
Product-netbsdopenbsdaixsolarisirixsunosdebian_linuxfreebsdkerberoslinux_netkitkerberos_5n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2001-0247
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-35.17% / 96.91%
||
7 Day CHG~0.00%
Published-24 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.

Action-Not Available
Vendor-n/aNetBSDMIT (Massachusetts Institute of Technology)Silicon Graphics, Inc.OpenBSDFreeBSD Foundation
Product-netbsdopenbsdirixfreebsdkerberos_5n/a
CVE-2001-0053
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-15.60% / 94.42%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges.

Action-Not Available
Vendor-david_madoren/aOpenBSDNetBSD
Product-netbsdopenbsdftpd-bsdn/a
CVE-1999-0323
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.48% / 64.18%
||
7 Day CHG~0.00%
Published-02 Jun, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FreeBSD mmap function allows users to modify append-only or immutable files.

Action-Not Available
Vendor-bsdin/aOpenBSDNetBSDFreeBSD Foundation
Product-bsd_osnetbsdopenbsdfreebsdn/a
CVE-1999-0798
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.51% / 65.45%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.

Action-Not Available
Vendor-bsdiscon/aOpenBSDRed Hat, Inc.FreeBSD Foundation
Product-bsd_osinternet_faststartopenbsdopenserverunixwarefreebsdlinuxn/a
CVE-1999-0248
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.41% / 60.31%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.

Action-Not Available
Vendor-sshn/a
Product-sshn/a
CVE-2001-0284
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.37% / 79.43%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option.

Action-Not Available
Vendor-n/aOpenBSD
Product-openbsdn/a
CVE-2000-0999
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.55% / 66.96%
||
7 Day CHG~0.00%
Published-29 Nov, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges.

Action-Not Available
Vendor-n/aOpenBSD
Product-opensshn/a
CVE-2003-0466
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-90.83% / 99.61%
||
7 Day CHG~0.00%
Published-01 Aug, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.

Action-Not Available
Vendor-wuftpdn/aNetBSDOpenBSDRed Hat, Inc.FreeBSD FoundationApple Inc.Sun Microsystems (Oracle Corporation)
Product-netbsdopenbsdwu_ftpdsolarismac_os_x_serverfreebsdmac_os_xwu-ftpdn/a
CWE ID-CWE-193
Off-by-one Error
CVE-2007-1365
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-38.72% / 97.15%
||
7 Day CHG~0.00%
Published-10 Mar, 2007 | 21:00
Updated-07 Aug, 2024 | 12:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbitrary code via fragmented IPv6 packets due to "incorrect mbuf handling for ICMP6 packets." NOTE: this was originally reported as a denial of service.

Action-Not Available
Vendor-n/aOpenBSD
Product-openbsdn/a
CVE-2000-1010
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.32% / 84.17%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.

Action-Not Available
Vendor-n/aOpenBSDRed Hat, Inc.
Product-linuxopenbsdn/a
CVE-2000-0525
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.90% / 74.71%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary commands by providing the command to the ssh daemon.

Action-Not Available
Vendor-n/aOpenBSD
Product-opensshn/a
CVE-2020-7247
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-94.04% / 99.89%
||
7 Day CHG~0.00%
Published-29 Jan, 2020 | 15:53
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-15||Apply updates per vendor instructions.

smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration. The issue exists because of an incorrect return value upon failure of input validation.

Action-Not Available
Vendor-n/aFedora ProjectDebian GNU/LinuxCanonical Ltd.OpenBSD
Product-opensmtpdfedoraubuntu_linuxdebian_linuxn/aOpenSMTPD
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Details not found