厂商或团体 openbsd 的搜索结果 (253)

CVE-2016-6241(发布:2017-03-07 11:59:00)NM
CVSS7.2

[原文]Integer overflow in the amap_alloc1 function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value.

CVE-2016-6242(发布:2017-03-07 11:59:00)NM
CVSS4.9

[原文]OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (assertion failure and kernel panic) via a large ident value in a kevent system call.

CVE-2016-6244(发布:2017-03-07 10:59:00)NM
CVSS7.8

[原文]The sys_thrsigdivert function in kern/kern_sig.c in the OpenBSD kernel 5.9 allows remote attackers to cause a denial of service (panic) via a negative "ts.tv_sec" value.

CVE-2016-6210(发布:2017-02-13 12:59:00)NMPS
CVSS4.3

[原文]sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.

CVE-2016-8858(发布:2016-12-09 06:59:00)NMP
CVSS7.8

[原文]** DISPUTED ** The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."

CVE-2016-6515(发布:2016-08-07 17:59:09)NMP
CVSS7.8

[原文]The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.

首页上一页12345678下一页尾页 第3页 / 共43页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站