17 matches found
CVE-1999-0432
ftp on HP-UX 11.00 allows local users to gain privileges...
HP-UX 11.00/10.20 crontab Overwrite Files Exploit
No description provided by source. !/bin/sh HP-UX 11.00/10.20 crontab Kyong-won,Cho [email protected] Usage : ./crontab.sh distfile if -z $1 then echo Usage : $0 distfile exit fi cat EOF /tmp/crontabexp !/bin/sh ln -sf $1 $1 EOF chmod 755 /tmp/crontabexp EDITOR=/tmp/crontabexp export EDITOR...
FreeBSD 2.x,HP-UX 9/10/11,kernel 2.0.3,Windows NT 4.0/Server 2003,NetBSD 1 loopback (land.c) DoS (4)
No description provided by source. source: http://www.securityfocus.com/bid/2666/info A number of TCP/IP stacks are vulnerable to a loopback condition initiated by sending a TCP SYN packet with the source address and port spoofed to equal the destination source and port. When a packet of this sor...
CVE-2002-2363
VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges...
CVE-2002-2363
CVE-2002-2363 affects HP-UX 11.00 via the VJE.VJE-RUN component, which adds the bin directory to /etc/PATH, enabling local users to gain privileges. The vulnerability is rooted in PATH modification by VJE.VJE-RUN, with the described impact including potential privilege elevation. Exploitation det...
HP-UX PHKL_34192 : HPSBUX02127 SSRT051056 - rev.1 HP-UX Kernel Local Denial of Service (DoS)
s700800 11.00 POSIX real-time message queue update : A potential security vulnerability has been identified with HP-UX. The vulnerability could be exploited by a local user to create a Denial of Service DoS. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch check...
CVE-2002-1794
The CVE-2002-1794 entry concerns HP-UX 11.00 and 11.11 running the LDAP-UX Integration product. The vulnerability is described as affecting the pam_authz component, enabling remote attackers to execute r-commands with the privileges of other users. The provided connected documents confirm the aff...
CVE-2003-0840
The CVE-2003-0840 vulnerability is a local buffer overflow in dtprintinfo on HP-UX 11.00 (and potentially other OSes) that allows an unprivileged user to gain root privileges by supplying a long DISPLAY environment variable; exploitation details and affected software versions beyond HP-UX 11.00 a...
CVE-2002-0993
Unknown vulnerability in HP Instant Support Enterprise Edition ISEE product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files...
CVE-2000-0702
The net.init rc script in HP-UX 11.00 S008net.init allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file...
CVE-2000-0972
HP-UX 11.00 crontab allows local users to read arbitrary files through the -e option by creating a symlink to the target file during the crontab session, then quitting and reading the error messages crontab generates. Affected software: HP-UX 11.00 crontab. Root cause: symlink exposure via cronta...
CVE-2000-0702
The CVE-2000-0702 issue affects HP-UX 11.00 (S008net.init) where the net.init rc script could be abused by a local user via a symlink attack from /tmp/stcp.conf to a targeted file, allowing overwriting of arbitrary files. The vulnerability is local and affects file integrity and confidentiality (...
CVE-2000-0801
Buffer overflow in bdf program in HP-UX 11.00 may allow local users to gain root privileges via a long -t option...
CVE-2000-0755
Vulnerability in the newgrp command in HP-UX 11.00 allows local users to gain privileges...
CVE-2000-0755
Vulnerability CVE-2000-0755 affects HP-UX 11.00 in the newgrp command, enabling local privilege escalation. The connected records confirm the affected product (HP-UX 11.00) and the vulnerable component (newgrp), with the impact described as local privilege gain. The exact root cause, exploitation...
CVE-2000-0801
CVE-2000-0801 describes a buffer overflow in HP-UX 11.00’s bdf program that can be triggered by a long -t option, allowing local users to gain root privileges . The root cause is an overflow in the bdf implementation. The affected software is HP-UX 11.00 and the bdf utility; no remediation versio...
Local root compromise in GNQS 3.50.6 and 3.50.7
A large security hole was uncovered last month in Generic-NQS ver. 3.50.6 and 3.50.7. This hole leads to immediate local root compromise. All users of those versions are requested to upgrade to ver. 3.50.8 or later ASAP. The updated package can be downloaded from...