CVE Reference Map for Source OPENBSD

Source OPENBSD
Description OpenBSD Security Advisory
URL http://www.openbsd.org/security.html
Notes

This reference map lists the various references for OPENBSD and provides the associated CVE entries or candidates. It uses data from CVE version 20061101 and candidates that were active as of 2014-10-17.

Note that the list of references may not be complete.

OPENBSD:19970915 Vulnerability in I/O Signal Handling CVE-1999-1214
OPENBSD:19990212 i386 trace-trap handling when DDB was configured could cause a system crash. CVE-2000-0309
OPENBSD:19990217 IP fragment assembly can bog the machine excessively and cause problems. CVE-2000-0310
OPENBSD:19990608 Packets that should have been handled by IPsec may be transmitted as cleartext CVE-1999-0727
OPENBSD:19990830 In cron(8), make sure argv[] is NULL terminated in the fake popen() and run sendmail as the user, not as root. CVE-2000-0312
OPENBSD:19991109 Any user can change interface media configurations. CVE-2000-0313
OPENBSD:19991204 CVE-1999-0976
OPENBSD:20000120 [2.6] 018: SECURITY FIX: Jan 20, 2000 CVE-2000-0094
OPENBSD:20000526 CVE-2000-0461
OPENBSD:20000606 The non-default UseLogin feature in /etc/sshd_config is broken and should not be used. CVE-2000-0525
OPENBSD:20000624 A serious bug in dhclient(8) could allow strings from a malicious dhcp server to be executed in the shell as root. CVE-2000-0585
OPENBSD:20000705 Mopd contained a buffer overflow. CVE-2000-0750 CVE-2000-0751
OPENBSD:20000918 Bad ESP/AH packets could cause a crash under certain conditions. CVE-2000-0962
OPENBSD:20001003 A format string vulnerability exists in the pw_error(3) function. CVE-2000-0993
OPENBSD:20001006 There are printf-style format string bugs in several privileged programs. CVE-2000-0994 CVE-2000-0995
OPENBSD:20001006 There are printf-style format string bugs in several privileged programs. CVE-2000-0996 CVE-2000-0997 CVE-2000-0998 CVE-2000-0999
OPENBSD:20001218 CVE-2001-0053
OPENBSD:20010302 Insufficient checks in the IPSEC AH IPv4 option handling code can lead to a buffer overrun in the kernel. CVE-2001-0284
OPENBSD:20010302 The USER_LDT kernel option allows an attacker to gain access to privileged areas of kernel memory. CVE-2001-0268
OPENBSD:20010530 029: SECURITY FIX: May 30, 2001 CVE-2001-1145
OPENBSD:20010612 CVE-2001-0529
OPENBSD:20010829 CVE-2001-0670
OPENBSD:20020313 015: RELIABILITY FIX: March 13, 2002 CVE-2002-0059
OPENBSD:20020319 016: SECURITY FIX: March 19, 2002 CVE-2002-0557
OPENBSD:20020508 003: SECURITY FIX: May 8, 2002 CVE-2002-0766
OPENBSD:20020522 004: SECURITY FIX: May 22, 2002 CVE-2002-0765
OPENBSD:20020627 009: SECURITY FIX: June 27, 2002 CVE-2002-0701
OPENBSD:20020729 011: SECURITY FIX: July 29, 2002 CVE-2002-0824
OPENBSD:20021002 Incorrect argument checking in the setitimer(2) system call may allow an attacker to write to kernel memory. CVE-2002-2180
OPENBSD:20031104 010: RELIABILITY FIX: November 4, 2003 CVE-2003-0955
OPENBSD:20031105 005: RELIABILITY FIX: November 4, 2003 CVE-2003-0955
OPENBSD:20040317 015: RELIABILITY FIX: March 17, 2004 CVE-2004-0218 CVE-2004-0219 CVE-2004-0220 CVE-2004-0221 CVE-2004-0222
OPENBSD:20040513 [3.4] 020: SECURITY FIX: May 13, 2004 CVE-2004-0482
OPENBSD:20040513 [3.5] 006: SECURITY FIX: May 13, 2004 CVE-2004-0482
OPENBSD:20040520 cvs server buffer overflow vulnerability CVE-2004-0396
OPENBSD:20040526 008: SECURITY FIX: May 26, 2004 CVE-2004-0419
OPENBSD:20040530 009: SECURITY FIX: May 30, 2004 CVE-2004-0371
OPENBSD:20040826 028: RELIABILITY FIX: August 26, 2004 CVE-2004-0819
OPENBSD:20040829 017: RELIABILITY FIX: August 29, 2004 CVE-2004-0797
OPENBSD:20041214 007: SECURITY FIX: December 14, 2004 CVE-2004-2230
OPENBSD:20050111 027: RELIABILITY FIX: January 11, 2005 CVE-2005-0740
OPENBSD:20050228 011: SECURITY FIX: February 28, 2005 i386 only CVE-2005-0637
OPENBSD:20050228 028: SECURITY FIX: February 28, 2005 CVE-2005-0637
OPENBSD:20050316 012: SECURITY FIX: March 16, 2005 amd64 only CVE-2005-0637
OPENBSD:20050330 [3.5] 030: RELIABILITY FIX: March 30, 2005 CVE-2005-0960
OPENBSD:20050330 [3.6] 013: RELIABILITY FIX: March 30, 2005 CVE-2005-0960
OPENBSD:20060212 [3.8] 005: SECURITY FIX: February 12, 2006 CVE-2006-0225
OPENBSD:20080222 007: RELIABILITY FIX: February 22, 2008 CVE-2008-1058
OPENBSD:20080222 013: RELIABILITY FIX: February 22, 2008 CVE-2008-1058
OPENBSD:20080225 008: RELIABILITY FIX: February 25, 2008 CVE-2008-1057
OPENBSD:Aug 9,1999 CVE-1999-0674
OPENBSD:Aug12,1999 CVE-1999-0724
OPENBSD:Feb15,1998 "IP Source Routing Problem" CVE-1999-0305
OPENBSD:Feb17,1999 CVE-1999-0396
OPENBSD:Feb19,1999 CVE-1999-0485
OPENBSD:Feb23,1999 CVE-1999-0484
OPENBSD:Feb25,1999 CVE-1999-0483
OPENBSD:Jul30,1999 CVE-1999-0703
OPENBSD:Mar21,1999 CVE-1999-0482
OPENBSD:Mar22,1999 CVE-1999-0481
OPENBSD:[2.9] 015: SECURITY FIX: October 12, 2006 CVE-2006-4924 CVE-2006-5051
OPENBSD:[3.1] 010: RELIABILITY FIX: July 5, 2002 CVE-2002-2222
OPENBSD:[3.2] 008: SECURITY FIX: February 25, 2003 CVE-2003-1418
OPENBSD:[3.7] 20060105 007: SECURITY FIX: January 5, 2006 CVE-2005-3962
OPENBSD:[3.7] 20060105 008: SECURITY FIX: January 5, 2006 CVE-2006-0098
OPENBSD:[3.8] 006: SECURITY FIX: March 25, 2006 CVE-2006-0058
OPENBSD:[3.8] 007: SECURITY FIX: May 2, 2006 CVE-2006-1526
OPENBSD:[3.8] 008: SECURITY FIX: June 15, 2006 CVE-2006-1173
OPENBSD:[3.8] 20060825 010: SECURITY FIX: August 25, 2006 CVE-2006-4434
OPENBSD:[3.8] 20060825 012: SECURITY FIX: August 25, 2006 CVE-2006-4435
OPENBSD:[3.8] 20060825 013: SECURITY FIX: August 25, 2006 CVE-2006-4436
OPENBSD:[3.8] 20060902 014: SECURITY FIX: September 2, 2006 CVE-2006-4304
OPENBSD:[3.9] 012: SECURITY FIX: October 7, 2006 CVE-2006-3918
OPENBSD:[3.9] 016: SECURITY FIX: November 19, 2006 CVE-2006-6164
OPENBSD:[3.9] 017: SECURITY FIX: January 3, 2007 CVE-2007-0085
OPENBSD:[3.9] 018: RELIABILITY FIX: January 16, 2007 CVE-2007-0343
OPENBSD:[3.9] 020: SECURITY FIX: March 7, 2007 CVE-2007-1365
OPENBSD:[3.9] 021: SECURITY FIX: April 4, 2007 CVE-2007-1003 CVE-2007-1351 CVE-2007-1352 CVE-2007-1667
OPENBSD:[3.9] 20060825 005: SECURITY FIX: August 25, 2006 CVE-2006-4434
OPENBSD:[3.9] 20060825 006: SECURITY FIX: August 25, 2006 CVE-2006-3122
OPENBSD:[3.9] 20060825 007: SECURITY FIX: August 25, 2006 CVE-2006-4435
OPENBSD:[3.9] 20060825 008: SECURITY FIX: August 25, 2006 CVE-2006-4436
OPENBSD:[3.9] 20060902 009: SECURITY FIX: September 2, 2006 CVE-2006-4304
OPENBSD:[3.9] 20060908 010: SECURITY FIX: September 8, 2006 CVE-2006-4095 CVE-2006-4096
OPENBSD:[3.9] 20060908 011: SECURITY FIX: September 8, 2006 CVE-2006-4339
OPENBSD:[3.9] 20061007 013: SECURITY FIX: October 7, 2006 CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4343
OPENBSD:[3.9] 20061007 014: SECURITY FIX: October 7, 2006 CVE-2006-5218
OPENBSD:[3.9] 20070423 022: SECURITY FIX: April 23, 2007 CVE-2007-2242
OPENBSD:[4.0] 005: SECURITY FIX: November 19, 2006 CVE-2006-6164
OPENBSD:[4.0] 007: SECURITY FIX: January 3, 2007 CVE-2007-0085
OPENBSD:[4.0] 008: RELIABILITY FIX: January 16, 2007 CVE-2007-0343
OPENBSD:[4.0] 010: SECURITY FIX: March 7, 2007 CVE-2007-1365
OPENBSD:[4.0] 011: SECURITY FIX: April 4, 2007 CVE-2007-1003 CVE-2007-1351 CVE-2007-1352 CVE-2007-1667
OPENBSD:[4.0] 017: SECURITY FIX: October 10, 2007 CVE-2007-5135
OPENBSD:[4.0] 20070423 012: SECURITY FIX: April 23, 2007 CVE-2007-2242
OPENBSD:[4.0] 20070709 015: SECURITY FIX: July 9, 2007 CVE-2007-1536
OPENBSD:[4.0] 20071008 016: SECURITY FIX: October 8, 2007 CVE-2007-5365
OPENBSD:[4.1] 011: SECURITY FIX: October 10, 2007 CVE-2007-5135
OPENBSD:[4.1] 20071008 010: SECURITY FIX: October 8, 2007 CVE-2007-5365
OPENBSD:[4.1] 20080208 012: SECURITY FIX: February 8, 2008 CVE-2007-5760 CVE-2007-5958 CVE-2007-6427 CVE-2007-6428 CVE-2007-6429 CVE-2008-0006
OPENBSD:[4.1] 20080307 014: SECURITY FIX: March 7, 2008 CVE-2008-1215
OPENBSD:[4.2] 002: SECURITY FIX: October 10, 2007 CVE-2007-5135
OPENBSD:[4.2] 013: SECURITY FIX: July 23, 2008 CVE-2008-1447
OPENBSD:[4.2] 015: SECURITY FIX: October 2, 2008 CVE-2008-2476
OPENBSD:[4.2] 20071008 001: SECURITY FIX: October 8, 2007 CVE-2007-5365
OPENBSD:[4.2] 20080111 005: RELIABILITY FIX: January 11, 2008 CVE-2008-0384
OPENBSD:[4.2] 20080208 006: SECURITY FIX: February 8, 2008 CVE-2007-5760 CVE-2007-5958 CVE-2007-6427 CVE-2007-6428 CVE-2007-6429 CVE-2008-0006
OPENBSD:[4.2] 20080307 009: SECURITY FIX: March 7, 2008 CVE-2008-1215
OPENBSD:[4.3] 001: SECURITY FIX: March 30, 2008 CVE-2008-1657
OPENBSD:[4.3] 004: SECURITY FIX: July 23, 2008 CVE-2008-1447
OPENBSD:[4.3] 006: SECURITY FIX: October 2, 2008 CVE-2008-2476
OPENBSD:[4.3] 010: RELIABILITY FIX: February 18, 2009 CVE-2009-0780
OPENBSD:[4.3] 013: RELIABILITY FIX: April 11, 2009 CVE-2009-0687
OPENBSD:[4.4] 010: RELIABILITY FIX: February 18, 2009 CVE-2009-0780
OPENBSD:[4.4] 013: RELIABILITY FIX: April 11, 2009 CVE-2009-0687
OPENBSD:[4.4] 014: RELIABILITY FIX: July 29, 2009 CVE-2009-0696
OPENBSD:[4.4] 015: RELIABILITY FIX: October 05, 2009 CVE-2009-3572
OPENBSD:[4.5] 002: RELIABILITY FIX: April 11, 2009 CVE-2009-0687
OPENBSD:[4.5] 008: RELIABILITY FIX: October 05, 2009 CVE-2009-3572
OPENBSD:[4.5] 010: SECURITY FIX: November 26, 2009 CVE-2009-3555
OPENBSD:[4.6] 002: RELIABILITY FIX: October 05, 2009 CVE-2009-3572
OPENBSD:[4.6] 004: SECURITY FIX: November 26, 2009 CVE-2009-3555
OPENBSD:[5.5] 004: SECURITY FIX: April 12, 2014 CVE-2010-5298
OPENBSD:[5.5] 005: RELIABILITY FIX: May 1, 2014 CVE-2014-0198
 
Page Last Updated: October 17, 2014