Multiple vulnerabilities in OpenBSD



Published: 2018-05-21
Risk: Medium
Patch available: YES
Number of vulnerabilities: 8
CVE-ID: N/A
CWE-ID: CWE-20, CWE-264, CWE-122
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: OpenBSD (Operating systems & Components / Operating system)
Vendor: OpenBSD

Security Bulletin

This security bulletin contains information about 8 vulnerabilities.

1) Improper input validation

EUVDB-ID: #VU12872

Risk: Medium

CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists due to insufficient validation of user-supplied input. A remote attacker can submit a specially crafted packet and cause a kernel crash when using IPsec over IPv6.

Mitigation

Update to version 6.3.

Vulnerable software versions

OpenBSD: 5.7 - 6.2

External links

http://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/008_ipsecout.patch.sig


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper input validation

EUVDB-ID: #VU12873

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists due to incorrect checks in libcrypto. A remote attacker can submit a specially crafted input and prevent Diffie-Hellman exchange operations from working.

Mitigation

Update to version 6.3.

Vulnerable software versions

OpenBSD: 5.7 - 6.2

External links

http://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/007_libcrypto.patch.sig


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper input validation

EUVDB-ID: #VU12875

Risk: Medium

CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists due to incorrect handling of fragmented IPsec packets. A remote attacker can submit a specially crafted input and cause the system to crash.

Mitigation

Update to version 6.3.

Vulnerable software versions

OpenBSD: 5.7 - 6.2

External links

http://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/006_ipseclen.patch.sig


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Security restrictions bypass

EUVDB-ID: #VU12879

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists in the gif(4) interface due to insufficient validation of user-supplied input. A remote attacker can use the specified protocol for IPv6, plug an mbuf leak and avoid a use-after-free.

Mitigation

Update to version 6.3.

Vulnerable software versions

OpenBSD: 5.7 - 6.2

External links

http://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/004_gif.patch.sig


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Information disclosure

EUVDB-ID: #VU12880

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to insufficient validation of user-supplied input. A remote attacker can leak file descriptors when servicing range requests.

Mitigation

Update to version 6.3.

Vulnerable software versions

OpenBSD: 5.7 - 6.2

External links

http://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/005_httpd.patch.sig


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Security restrictions bypass

EUVDB-ID: #VU12881

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to insufficient permissions and access controls. A remote attacker can bypass security restrictions and send ARP replies on the wrong member of a bridge(4) interface.

Mitigation

Update to version 6.3.

Vulnerable software versions

OpenBSD: 5.7 - 6.2

External links

http://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/003_arp.patch.sig


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Improper input validation

EUVDB-ID: #VU12884

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists because additional data is inadvertently removed when private keys are cleared from the TLS configuration. A remote attacker can submit specially crafted input and prevent OCSP from functioning correctly.

Mitigation

Update to version 6.3.

Vulnerable software versions

OpenBSD: 5.7 - 6.2

External links

http://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/002_libtls.patch.sig


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Heap-based buffer overflow

EUVDB-ID: #VU12885

Risk: Medium

CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information or cause a DoS condition on the target system.

The weakness exists due to multiple heap-based buffer overflows in perl. A remote attacker can trigger memory corruption and cause segmentation faults, crashes, and reads of memory past the buffer.

Mitigation

Update to version 6.3.

Vulnerable software versions

OpenBSD: 5.7 - 6.2

External links

http://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/001_perl.patch.sig


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


