CVE Reference Map for Source OPENBSD
| Source | OPENBSD |
| Description | OpenBSD Security Advisory |
| URL | http://www.openbsd.org/security.html |
| Notes |
This reference map lists the various references for OPENBSD and provides the associated CVE entries or candidates. It uses data from CVE version 20061101 and candidates that were active as of 2024-03-26.
Note that the list of references may not be complete.
| OPENBSD:19970915 Vulnerability in I/O Signal Handling | CVE-1999-1214 |
| OPENBSD:19990212 i386 trace-trap handling when DDB was configured could cause a system crash. | CVE-2000-0309 |
| OPENBSD:19990217 IP fragment assembly can bog the machine excessively and cause problems. | CVE-2000-0310 |
| OPENBSD:19990608 Packets that should have been handled by IPsec may be transmitted as cleartext | CVE-1999-0727 |
| OPENBSD:19990830 In cron(8), make sure argv[] is NULL terminated in the fake popen() and run sendmail as the user, not as root. | CVE-2000-0312 |
| OPENBSD:19991109 Any user can change interface media configurations. | CVE-2000-0313 |
| OPENBSD:19991204 | CVE-1999-0976 |
| OPENBSD:20000120 [2.6] 018: SECURITY FIX: Jan 20, 2000 | CVE-2000-0094 |
| OPENBSD:20000526 | CVE-2000-0461 |
| OPENBSD:20000606 The non-default UseLogin feature in /etc/sshd_config is broken and should not be used. | CVE-2000-0525 |
| OPENBSD:20000624 A serious bug in dhclient(8) could allow strings from a malicious dhcp server to be executed in the shell as root. | CVE-2000-0585 |
| OPENBSD:20000705 Mopd contained a buffer overflow. | CVE-2000-0750 CVE-2000-0751 |
| OPENBSD:20000918 Bad ESP/AH packets could cause a crash under certain conditions. | CVE-2000-0962 |
| OPENBSD:20001003 A format string vulnerability exists in the pw_error(3) function. | CVE-2000-0993 |
| OPENBSD:20001006 There are printf-style format string bugs in several privileged programs. | CVE-2000-0994 CVE-2000-0995 CVE-2000-0996 CVE-2000-0997 CVE-2000-0998 CVE-2000-0999 |
| OPENBSD:20001218 | CVE-2001-0053 |
| OPENBSD:20010302 Insufficient checks in the IPSEC AH IPv4 option handling code can lead to a buffer overrun in the kernel. | CVE-2001-0284 |
| OPENBSD:20010302 The USER_LDT kernel option allows an attacker to gain access to privileged areas of kernel memory. | CVE-2001-0268 |
| OPENBSD:20010530 029: SECURITY FIX: May 30, 2001 | CVE-2001-1145 |
| OPENBSD:20010612 | CVE-2001-0529 |
| OPENBSD:20010829 | CVE-2001-0670 |
| OPENBSD:20020313 015: RELIABILITY FIX: March 13, 2002 | CVE-2002-0059 |
| OPENBSD:20020319 016: SECURITY FIX: March 19, 2002 | CVE-2002-0557 |
| OPENBSD:20020508 003: SECURITY FIX: May 8, 2002 | CVE-2002-0766 |
| OPENBSD:20020522 004: SECURITY FIX: May 22, 2002 | CVE-2002-0765 |
| OPENBSD:20020627 009: SECURITY FIX: June 27, 2002 | CVE-2002-0701 |
| OPENBSD:20020729 011: SECURITY FIX: July 29, 2002 | CVE-2002-0824 |
| OPENBSD:20021002 Incorrect argument checking in the setitimer(2) system call may allow an attacker to write to kernel memory. | CVE-2002-2180 |
| OPENBSD:20031104 010: RELIABILITY FIX: November 4, 2003 | CVE-2003-0955 |
| OPENBSD:20031105 005: RELIABILITY FIX: November 4, 2003 | CVE-2003-0955 |
| OPENBSD:20040317 015: RELIABILITY FIX: March 17, 2004 | CVE-2004-0218 CVE-2004-0219 CVE-2004-0220 CVE-2004-0221 CVE-2004-0222 |
| OPENBSD:20040513 [3.4] 020: SECURITY FIX: May 13, 2004 | CVE-2004-0482 |
| OPENBSD:20040513 [3.5] 006: SECURITY FIX: May 13, 2004 | CVE-2004-0482 |
| OPENBSD:20040520 cvs server buffer overflow vulnerability | CVE-2004-0396 |
| OPENBSD:20040526 008: SECURITY FIX: May 26, 2004 | CVE-2004-0419 |
| OPENBSD:20040530 009: SECURITY FIX: May 30, 2004 | CVE-2004-0371 |
| OPENBSD:20040826 028: RELIABILITY FIX: August 26, 2004 | CVE-2004-0819 |
| OPENBSD:20040829 017: RELIABILITY FIX: August 29, 2004 | CVE-2004-0797 |
| OPENBSD:20041214 007: SECURITY FIX: December 14, 2004 | CVE-2004-2230 |
| OPENBSD:20050111 027: RELIABILITY FIX: January 11, 2005 | CVE-2005-0740 |
| OPENBSD:20050228 011: SECURITY FIX: February 28, 2005 i386 only | CVE-2005-0637 |
| OPENBSD:20050228 028: SECURITY FIX: February 28, 2005 | CVE-2005-0637 |
| OPENBSD:20050316 012: SECURITY FIX: March 16, 2005 amd64 only | CVE-2005-0637 |
| OPENBSD:20050330 [3.5] 030: RELIABILITY FIX: March 30, 2005 | CVE-2005-0960 |
| OPENBSD:20050330 [3.6] 013: RELIABILITY FIX: March 30, 2005 | CVE-2005-0960 |
| OPENBSD:20080222 007: RELIABILITY FIX: February 22, 2008 | CVE-2008-1058 |
| OPENBSD:20080222 013: RELIABILITY FIX: February 22, 2008 | CVE-2008-1058 |
| OPENBSD:20080225 008: RELIABILITY FIX: February 25, 2008 | CVE-2008-1057 |
| OPENBSD:Aug 9,1999 | CVE-1999-0674 |
| OPENBSD:Aug12,1999 | CVE-1999-0724 |
| OPENBSD:Feb15,1998 "IP Source Routing Problem" | CVE-1999-0305 |
| OPENBSD:Feb17,1999 | CVE-1999-0396 |
| OPENBSD:Feb19,1999 | CVE-1999-0485 |
| OPENBSD:Feb23,1999 | CVE-1999-0484 |
| OPENBSD:Feb25,1999 | CVE-1999-0483 |
| OPENBSD:Jul30,1999 | CVE-1999-0703 |
| OPENBSD:Mar21,1999 | CVE-1999-0482 |
| OPENBSD:Mar22,1999 | CVE-1999-0481 |
| OPENBSD:[2.9] 015: SECURITY FIX: October 12, 2006 | CVE-2006-4924 CVE-2006-5051 |
| OPENBSD:[3.1] 010: RELIABILITY FIX: July 5, 2002 | CVE-2002-2222 |
| OPENBSD:[3.2] 008: SECURITY FIX: February 25, 2003 | CVE-2003-1418 |
| OPENBSD:[3.7] 20060105 008: SECURITY FIX: January 5, 2006 | CVE-2006-0098 |
| OPENBSD:[3.8] 006: SECURITY FIX: March 25, 2006 | CVE-2006-0058 |
| OPENBSD:[3.8] 008: SECURITY FIX: June 15, 2006 | CVE-2006-1173 |
| OPENBSD:[3.8] 20060825 010: SECURITY FIX: August 25, 2006 | CVE-2006-4434 |
| OPENBSD:[3.8] 20060825 012: SECURITY FIX: August 25, 2006 | CVE-2006-4435 |
| OPENBSD:[3.8] 20060825 013: SECURITY FIX: August 25, 2006 | CVE-2006-4436 |
| OPENBSD:[3.8] 20060902 014: SECURITY FIX: September 2, 2006 | CVE-2006-4304 |
| OPENBSD:[3.9] 012: SECURITY FIX: October 7, 2006 | CVE-2006-3918 |
| OPENBSD:[3.9] 016: SECURITY FIX: November 19, 2006 | CVE-2006-6164 |
| OPENBSD:[3.9] 017: SECURITY FIX: January 3, 2007 | CVE-2007-0085 |
| OPENBSD:[3.9] 018: RELIABILITY FIX: January 16, 2007 | CVE-2007-0343 |
| OPENBSD:[3.9] 020: SECURITY FIX: March 7, 2007 | CVE-2007-1365 |
| OPENBSD:[3.9] 021: SECURITY FIX: April 4, 2007 | CVE-2007-1351 CVE-2007-1352 CVE-2007-1667 |
| OPENBSD:[3.9] 20060825 005: SECURITY FIX: August 25, 2006 | CVE-2006-4434 |
| OPENBSD:[3.9] 20060825 006: SECURITY FIX: August 25, 2006 | CVE-2006-3122 |
| OPENBSD:[3.9] 20060825 007: SECURITY FIX: August 25, 2006 | CVE-2006-4435 |
| OPENBSD:[3.9] 20060825 008: SECURITY FIX: August 25, 2006 | CVE-2006-4436 |
| OPENBSD:[3.9] 20060902 009: SECURITY FIX: September 2, 2006 | CVE-2006-4304 |
| OPENBSD:[3.9] 20060908 010: SECURITY FIX: September 8, 2006 | CVE-2006-4095 CVE-2006-4096 |
| OPENBSD:[3.9] 20061007 014: SECURITY FIX: October 7, 2006 | CVE-2006-5218 |
| OPENBSD:[3.9] 20070423 022: SECURITY FIX: April 23, 2007 | CVE-2007-2242 |
| OPENBSD:[4.0] 005: SECURITY FIX: November 19, 2006 | CVE-2006-6164 |
| OPENBSD:[4.0] 007: SECURITY FIX: January 3, 2007 | CVE-2007-0085 |
| OPENBSD:[4.0] 008: RELIABILITY FIX: January 16, 2007 | CVE-2007-0343 |
| OPENBSD:[4.0] 010: SECURITY FIX: March 7, 2007 | CVE-2007-1365 |
| OPENBSD:[4.0] 011: SECURITY FIX: April 4, 2007 | CVE-2007-1351 CVE-2007-1352 CVE-2007-1667 |
| OPENBSD:[4.0] 017: SECURITY FIX: October 10, 2007 | CVE-2007-5135 |
| OPENBSD:[4.0] 20070423 012: SECURITY FIX: April 23, 2007 | CVE-2007-2242 |
| OPENBSD:[4.0] 20070709 015: SECURITY FIX: July 9, 2007 | CVE-2007-1536 |
| OPENBSD:[4.0] 20071008 016: SECURITY FIX: October 8, 2007 | CVE-2007-5365 |
| OPENBSD:[4.1] 011: SECURITY FIX: October 10, 2007 | CVE-2007-5135 |
| OPENBSD:[4.1] 20071008 010: SECURITY FIX: October 8, 2007 | CVE-2007-5365 |
| OPENBSD:[4.1] 20080208 012: SECURITY FIX: February 8, 2008 | CVE-2007-5760 CVE-2007-5958 CVE-2007-6427 CVE-2007-6428 CVE-2007-6429 CVE-2008-0006 |
| OPENBSD:[4.1] 20080307 014: SECURITY FIX: March 7, 2008 | CVE-2008-1215 |
| OPENBSD:[4.2] 002: SECURITY FIX: October 10, 2007 | CVE-2007-5135 |
| OPENBSD:[4.2] 013: SECURITY FIX: July 23, 2008 | CVE-2008-1447 |
| OPENBSD:[4.2] 015: SECURITY FIX: October 2, 2008 | CVE-2008-2476 |
| OPENBSD:[4.2] 20071008 001: SECURITY FIX: October 8, 2007 | CVE-2007-5365 |
| OPENBSD:[4.2] 20080111 005: RELIABILITY FIX: January 11, 2008 | CVE-2008-0384 |
| OPENBSD:[4.2] 20080208 006: SECURITY FIX: February 8, 2008 | CVE-2007-5760 CVE-2007-5958 CVE-2007-6427 CVE-2007-6428 CVE-2007-6429 CVE-2008-0006 |
| OPENBSD:[4.2] 20080307 009: SECURITY FIX: March 7, 2008 | CVE-2008-1215 |
| OPENBSD:[4.3] 001: SECURITY FIX: March 30, 2008 | CVE-2008-1657 |
| OPENBSD:[4.3] 004: SECURITY FIX: July 23, 2008 | CVE-2008-1447 |
| OPENBSD:[4.3] 006: SECURITY FIX: October 2, 2008 | CVE-2008-2476 |
| OPENBSD:[4.3] 010: RELIABILITY FIX: February 18, 2009 | CVE-2009-0780 |
| OPENBSD:[4.3] 013: RELIABILITY FIX: April 11, 2009 | CVE-2009-0687 |
| OPENBSD:[4.4] 010: RELIABILITY FIX: February 18, 2009 | CVE-2009-0780 |
| OPENBSD:[4.4] 013: RELIABILITY FIX: April 11, 2009 | CVE-2009-0687 |
| OPENBSD:[4.4] 014: RELIABILITY FIX: July 29, 2009 | CVE-2009-0696 |
| OPENBSD:[4.4] 015: RELIABILITY FIX: October 05, 2009 | CVE-2009-3572 |
| OPENBSD:[4.5] 002: RELIABILITY FIX: April 11, 2009 | CVE-2009-0687 |
| OPENBSD:[4.5] 008: RELIABILITY FIX: October 05, 2009 | CVE-2009-3572 |
| OPENBSD:[4.6] 002: RELIABILITY FIX: October 05, 2009 | CVE-2009-3572 |
| OPENBSD:[5.5] 004: SECURITY FIX: April 12, 2014 | CVE-2010-5298 |
| OPENBSD:[5.5] 005: RELIABILITY FIX: May 1, 2014 | CVE-2014-0198 |
