Lucene search

K
HpHp-ux

288 matches found

CVE
CVE
added 2004/08/06 4:0 a.m.47 views

CVE-2004-0716

Buffer overflow in the DCE daemon (DCED) for the DCE endpoint mapper (epmap) on HP-UX 11 allows remote attackers to execute arbitrary code via a request with a small fragment length and a large amount of data.

10CVSS8AI score0.04293EPSS
CVE
CVE
added 2005/10/21 6:2 p.m.47 views

CVE-2005-3277

The LPD service in HP-UX 10.20 11.11 (11i) and earlier allows remote attackers to execute arbitrary code via shell metacharacters ("`" or single backquote) in a request that is not properly handled when an error occurs, as demonstrated by killing the connection, a different vulnerability than CVE-2...

10CVSS7.7AI score0.37288EPSS
CVE
CVE
added 2006/10/23 5:7 p.m.47 views

CVE-2006-5452

Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.

4.6CVSS7.4AI score0.00211EPSS
CVE
CVE
added 2010/03/31 6:0 p.m.47 views

CVE-2010-1030

Unspecified vulnerability in HP-UX B.11.31, with AudFilter rules enabled, allows local users to cause a denial of service via unknown vectors.

4.4CVSS6.1AI score0.00038EPSS
CVE
CVE
added 2010/12/08 6:0 p.m.47 views

CVE-2010-4108

HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support threaded processes, which allows remote authenticated users to cause a denial of service via unspecified vectors.

6.8CVSS6.2AI score0.00368EPSS
CVE
CVE
added 2001/01/09 5:0 a.m.46 views

CVE-2000-1126

Vulnerability in auto_parms and set_parms in HP-UX 11.00 and earlier allows remote attackers to execute arbitrary commands or cause a denial of service.

10CVSS8.1AI score0.00839EPSS
CVE
CVE
added 2001/09/18 4:0 a.m.46 views

CVE-2001-0488

pcltotiff in HP-UX 10.x has unnecessary set group id permissions, which allows local users to cause a denial of service.

2.1CVSS6.2AI score0.00069EPSS
CVE
CVE
added 2005/03/25 5:0 a.m.46 views

CVE-2002-1607

Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.

4.6CVSS7.7AI score0.0015EPSS
CVE
CVE
added 2005/01/06 5:0 a.m.46 views

CVE-2004-1332

Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.

7.5CVSS9.9AI score0.11894EPSS
CVE
CVE
added 2005/09/20 8:3 p.m.46 views

CVE-2005-2993

Unspecified vulnerability in the FTP Daemon (ftpd) for HP Tru64 UNIX 4.0F PK8 and other versions up to HP Tru64 UNIX 5.1B-3, and HP-UX B.11.00, B.11.04, B.11.11, and B.11.23, allows remote authenticated users to cause a denial of service (hang).

1.7CVSS6.2AI score0.00176EPSS
CVE
CVE
added 2008/08/01 2:41 p.m.46 views

CVE-2008-1662

Unspecified vulnerability in the HP System Administration Manager (SAM) on HP-UX B.11.11 and B.11.23, when used to configure NFS, might allow remote attackers to read or modify arbitrary files, related to an "empty systems list."

10CVSS6.5AI score0.0257EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.45 views

CVE-1999-0132

Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access.

2.1CVSS7.4AI score0.00358EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.45 views

CVE-1999-0333

HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack.

7.5CVSS7.3AI score0.01336EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.45 views

CVE-2000-0077

The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands.

7.2CVSS7AI score0.00187EPSS
CVE
CVE
added 2000/07/12 4:0 a.m.45 views

CVE-2000-0414

Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables.

4.6CVSS7.1AI score0.00103EPSS
CVE
CVE
added 2001/01/22 5:0 a.m.45 views

CVE-2000-1031

Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option.

4.6CVSS7.8AI score0.00417EPSS
CVE
CVE
added 2001/06/18 4:0 a.m.45 views

CVE-2001-0248

Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings.

10CVSS10AI score0.05322EPSS
CVE
CVE
added 2002/05/31 4:0 a.m.45 views

CVE-2002-0279

The kernel in HP-UX 11.11 does not properly provide arguments for setrlimit, which could allow local attackers to cause a denial of service (kernel panic) and possibly gain privileges.

4.6CVSS6.6AI score0.0013EPSS
CVE
CVE
added 2005/03/25 5:0 a.m.45 views

CVE-2002-1605

Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows attackers to execute arbitrary code via a long _XKB_CHARSET environment variable to (1) dxpause, (2) dxconsole, or (3) dtsession.

7.5CVSS8.1AI score0.27592EPSS
CVE
CVE
added 2005/08/19 4:0 a.m.45 views

CVE-2004-0952

HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption.

6.4CVSS6.7AI score0.01653EPSS
CVE
CVE
added 2007/02/14 2:28 a.m.45 views

CVE-2007-0915

Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers to overwrite arbitrary files and gain privileges via a crafted RPC request.

10CVSS6.9AI score0.03145EPSS
CVE
CVE
added 2007/02/14 2:28 a.m.45 views

CVE-2007-0916

Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.

4.9CVSS5.9AI score0.00072EPSS
CVE
CVE
added 2007/11/14 1:46 a.m.45 views

CVE-2007-5946

Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX B.11.23 and B.11.31 on the IA-64 platform allows local users to obtain unspecified access.

7.2CVSS6.1AI score0.00053EPSS
CVE
CVE
added 2009/10/05 6:30 p.m.45 views

CVE-2009-2679

Unspecified vulnerability in bootpd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown attack vectors.

7.8CVSS6.3AI score0.01399EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.44 views

CVE-1999-0127

swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or overwrite arbitrary files to gain root access.

7.2CVSS7.7AI score0.0006EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.44 views

CVE-1999-0312

HP ypbind allows attackers with root privileges to modify NIS data.

5CVSS7.3AI score0.01905EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.44 views

CVE-1999-0432

ftp on HP-UX 11.00 allows local users to gain privileges.

4.6CVSS6.6AI score0.00103EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.44 views

CVE-1999-0686

Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL.

5CVSS6.9AI score0.0071EPSS
CVE
CVE
added 2001/05/07 4:0 a.m.44 views

CVE-2001-0219

Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service.

2.1CVSS6.2AI score0.001EPSS
CVE
CVE
added 2005/11/16 9:17 p.m.44 views

CVE-2002-2138

RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when running HP-UX 11.00 or 11.11, allows remote attackers to cause a denial of service (panic) via a malformed UDP packet on port 139.

5CVSS7AI score0.01513EPSS
CVE
CVE
added 2007/10/29 7:0 p.m.44 views

CVE-2002-2363

VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges.

7.2CVSS7AI score0.00036EPSS
CVE
CVE
added 2007/10/06 8:0 p.m.44 views

CVE-2004-2693

HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installed uses insecure directory permissions, which allows local users to gain privileges via files in /opt/gnome/src/GLib/.

7.2CVSS7AI score0.00034EPSS
CVE
CVE
added 2007/12/15 1:46 a.m.44 views

CVE-2007-6195

Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arbitrary code or cause a denial of service via malformed arguments in an opcode 0x04 DCE RPC request.

10CVSS7.9AI score0.28238EPSS
CVE
CVE
added 2007/12/24 8:46 p.m.44 views

CVE-2007-6419

Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.

7.8CVSS6.5AI score0.02777EPSS
CVE
CVE
added 2010/03/29 10:30 p.m.44 views

CVE-2010-0451

The installation process for NFS/ONCplus B.11.31_08 and earlier on HP HP-UX B.11.31 changes the NFS_SERVER setting in the nfsconf file, which might allow remote attackers to obtain filesystem access via NFS requests.

4CVSS6.7AI score0.01466EPSS
CVE
CVE
added 2014/03/11 1:1 p.m.44 views

CVE-2013-6200

Unspecified vulnerability in m4 in HP HP-UX B.11.23 and B.11.31 allows local users to obtain sensitive information or modify data via unknown vectors.

6.2CVSS5.7AI score0.00054EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.43 views

CVE-1999-0324

ppl program in HP-UX allows local users to create root files through symlinks.

7.2CVSS7.1AI score0.0006EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.43 views

CVE-1999-0325

vhe_u_mnt program in HP-UX allows local users to create root files through symlinks.

7.2CVSS7.1AI score0.0006EPSS
CVE
CVE
added 2000/03/02 5:0 a.m.43 views

CVE-1999-0693

Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.

7.2CVSS6.8AI score0.18788EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.43 views

CVE-2000-0005

HP-UX aserver program allows local users to gain privileges via a symlink attack.

7.2CVSS6.9AI score0.0006EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.43 views

CVE-2000-0078

The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command.

7.2CVSS7AI score0.0006EPSS
CVE
CVE
added 2001/01/22 5:0 a.m.43 views

CVE-2000-0972

HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates.

5.5CVSS6.7AI score0.01566EPSS
CVE
CVE
added 2005/11/16 7:42 a.m.43 views

CVE-2005-3564

envd daemon in HP-UX B.11.00 through B.11.11 allows local users to obtain privileges via unknown attack vectors.

7.2CVSS6.2AI score0.00061EPSS
CVE
CVE
added 2006/01/26 11:7 a.m.43 views

CVE-2006-0436

Unspecified vulnerability in HP HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain privileges via unknown attack vectors.

7.2CVSS6.3AI score0.00053EPSS
CVE
CVE
added 2007/04/12 10:19 a.m.43 views

CVE-2007-1994

Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.00 allows local users to cause a denial of service via unknown vectors. NOTE: due to lack of vendor details, it is not clear whether this is the same as CVE-2007-0916.

4.9CVSS5.8AI score0.00072EPSS
CVE
CVE
added 2010/04/21 2:30 p.m.43 views

CVE-2010-1032

Unspecified vulnerability in HP HP-UX B.11.11 allows local users to cause a denial of service via unknown vectors.

4.9CVSS6.1AI score0.00072EPSS
CVE
CVE
added 2011/04/15 12:55 a.m.43 views

CVE-2011-0896

Unspecified vulnerability in HP NFS/ONCplus B.11.31.10 and earlier on HP-UX B.11.31 allows remote authenticated users to cause a denial of service via unknown vectors.

6.8CVSS6.2AI score0.01027EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.42 views

CVE-1999-0326

Vulnerability in HP-UX mediainit program.

4.6CVSS7.3AI score0.00116EPSS
CVE
CVE
added 2000/04/18 4:0 a.m.42 views

CVE-2000-0095

The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the system to be used as a packet amplifier.

5CVSS7AI score0.00525EPSS
CVE
CVE
added 2000/10/13 4:0 a.m.42 views

CVE-2000-0468

man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack.

4.6CVSS6.7AI score0.00262EPSS
Total number of security vulnerabilities288