Lucene search

K
HpHp-ux

288 matches found

CVE
CVE
added 2001/05/07 4:0 a.m.42 views

CVE-2001-0105

Vulnerability in top in HP-UX 11.04 and earlier allows local users to overwrite files owned by the "sys" group.

2.1CVSS6.7AI score0.00273EPSS
CVE
CVE
added 2001/10/18 4:0 a.m.42 views

CVE-2001-0772

Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges.

4.6CVSS7.4AI score0.00123EPSS
CVE
CVE
added 2005/03/25 5:0 a.m.42 views

CVE-2002-1604

Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver.

7.5CVSS8.1AI score0.46021EPSS
CVE
CVE
added 2005/03/25 5:0 a.m.42 views

CVE-2002-1606

Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain privileges via (1) lpc, (2) lpd, (3) lpq, (4) lpr, or (5) lprm.

4.6CVSS7.2AI score0.00195EPSS
CVE
CVE
added 2005/03/25 5:0 a.m.42 views

CVE-2002-1608

Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.

4.6CVSS7.7AI score0.0015EPSS
CVE
CVE
added 2005/03/25 5:0 a.m.42 views

CVE-2002-1610

Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to cause a denial of service.

2.1CVSS6.6AI score0.00133EPSS
CVE
CVE
added 2005/06/28 4:0 a.m.42 views

CVE-2002-1794

Unknown vulnerability in pam_authz in the LDAP-UX Integration product on HP-UX 11.00 and 11.11 allows remote attackers to execute r-commands with privileges of other users.

10CVSS7.4AI score0.009EPSS
CVE
CVE
added 2003/05/23 4:0 a.m.42 views

CVE-2003-0333

Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a ...

7.2CVSS6.9AI score0.00205EPSS
CVE
CVE
added 2005/11/16 7:42 a.m.42 views

CVE-2005-3565

Unknown vulnerability in remshd daemon in HP-UX B.11.00, B.11.11, and B.11.23 while running in "Trusted Mode" allows remote attackers to gain unauthorized system access via unknown attack vectors.

7.5CVSS6.8AI score0.04234EPSS
CVE
CVE
added 2005/11/23 1:3 a.m.42 views

CVE-2005-3779

Unspecified vulnerability in xterm for HP-UX 11.00, 11.11, and 11.23 allows local users to gain privileges via unknown vectors.

7.2CVSS6.5AI score0.00064EPSS
CVE
CVE
added 2007/01/19 11:28 p.m.42 views

CVE-2007-0394

HP HP-UX B11.11 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572.

4.6CVSS6.5AI score0.00211EPSS
CVE
CVE
added 2012/04/05 1:55 p.m.42 views

CVE-2012-0131

Distributed Computing Environment (DCE) 1.8 and 1.9 on HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

10CVSS7.6AI score0.15128EPSS
CVE
CVE
added 2014/10/19 1:55 a.m.42 views

CVE-2014-7874

Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

6.8CVSS7.3AI score0.00161EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.41 views

CVE-1999-0688

Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11.x.

4.6CVSS7.1AI score0.00123EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.41 views

CVE-1999-1145

Vulnerability in Glance programs in GlancePlus for HP-UX 10.20 and earlier allows local users to access arbitrary files and gain privileges.

7.2CVSS7.4AI score0.0005EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.41 views

CVE-1999-1408

Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different port on localhost.

2.1CVSS7AI score0.00252EPSS
CVE
CVE
added 2001/01/09 5:0 a.m.41 views

CVE-2000-1127

registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to which registrar appends log information and sets the permissions to be world readable.

3.6CVSS6.5AI score0.00529EPSS
CVE
CVE
added 2001/05/07 4:0 a.m.41 views

CVE-2001-0106

Vulnerability in inetd server in HP-UX 11.04 and earlier allows attackers to cause a denial of service when the "swait" state is used by a server.

5CVSS6.8AI score0.00678EPSS
CVE
CVE
added 2005/03/25 5:0 a.m.41 views

CVE-2002-1609

Buffer overflow in binmail in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.

4.6CVSS7.2AI score0.0013EPSS
CVE
CVE
added 2005/06/21 4:0 a.m.41 views

CVE-2002-1668

HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a "file system weakness" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file.

2.1CVSS6.9AI score0.00088EPSS
CVE
CVE
added 2005/03/11 5:0 a.m.41 views

CVE-2003-1097

Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option.

7.2CVSS7.2AI score0.00374EPSS
CVE
CVE
added 2007/01/19 11:28 p.m.41 views

CVE-2007-0396

Unspecified vulnerability in HP-UX B.11.23, when running IPFilter in combination with PHNE_34474, allows remote attackers to cause a denial of service (system crash) via unspecified vectors.

7.1CVSS6.4AI score0.00705EPSS
CVE
CVE
added 2007/10/09 6:17 p.m.41 views

CVE-2007-5302

Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.8AI score0.00563EPSS
CVE
CVE
added 2007/10/18 12:17 a.m.41 views

CVE-2007-5536

Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors.

4.9CVSS6AI score0.00089EPSS
CVE
CVE
added 2010/08/30 9:0 p.m.41 views

CVE-2010-2712

Unspecified vulnerability in Software Distributor (sd) in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors.

6.8CVSS6.4AI score0.00047EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.40 views

CVE-1999-0436

Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges.

4.6CVSS6.5AI score0.00103EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.40 views

CVE-1999-1134

Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4038, PHSS_4055, and PHSS_4066.

7.2CVSS7.3AI score0.00035EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.40 views

CVE-1999-1238

Vulnerability in CORE-DIAG fileset in HP message catalog in HP-UX 9.05 and earlier allows local users to gain privileges.

4.6CVSS7.3AI score0.00052EPSS
CVE
CVE
added 2005/04/21 4:0 a.m.40 views

CVE-1999-1573

Multiple unknown vulnerabilities in the "r-cmnds" (1) remshd, (2) rexecd, (3) rlogind, (4) rlogin, (5) remsh, (6) rcp, (7) rexec, and (8) rdist for HP-UX 10.00 through 11.00 allow attackers to gain privileges or access files.

10CVSS7.1AI score0.00918EPSS
CVE
CVE
added 2000/04/18 4:0 a.m.40 views

CVE-2000-0159

HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges.

7.5CVSS7.3AI score0.00689EPSS
CVE
CVE
added 2000/10/20 4:0 a.m.40 views

CVE-2000-0801

Buffer overflow in bdf program in HP-UX 11.00 may allow local users to gain root privileges via a long -t option.

7.2CVSS7.2AI score0.00054EPSS
CVE
CVE
added 2001/09/18 4:0 a.m.40 views

CVE-2001-0379

Vulnerability in the newgrp program included with HP9000 servers running HP-UX 11.11 allows a local attacker to obtain higher access rights.

4.6CVSS6.6AI score0.00108EPSS
CVE
CVE
added 2002/05/03 4:0 a.m.40 views

CVE-2001-1256

kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create arbitrary world-writeable files via a symlink attack on the (1) /tmp/.kmmodreg_lock and (2) /tmp/kmpath.tmp temporary files.

1.2CVSS6.4AI score0.0034EPSS
CVE
CVE
added 2005/07/14 4:0 a.m.40 views

CVE-2001-1564

setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropped, which could allow local users to cause a denial of service by exhausting available disk space.

2.1CVSS6.8AI score0.00095EPSS
CVE
CVE
added 2002/06/18 4:0 a.m.40 views

CVE-2002-0585

Unknown vulnerability in ndd for HP-UX 11.11 with certain TRANSPORT patches allows attackers to cause a denial of service.

5CVSS6.5AI score0.00708EPSS
CVE
CVE
added 2005/03/25 5:0 a.m.40 views

CVE-2002-1618

JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems.

7.2CVSS6.9AI score0.00079EPSS
CVE
CVE
added 2007/10/18 10:0 a.m.40 views

CVE-2002-2262

Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors.

5CVSS6.9AI score0.01199EPSS
CVE
CVE
added 2005/03/11 5:0 a.m.40 views

CVE-2003-1098

The Xserver for HP-UX 11.22 was not properly built, which introduced a vulnerability that allows local users to gain privileges.

7.2CVSS6.9AI score0.00198EPSS
CVE
CVE
added 2005/11/18 9:3 p.m.40 views

CVE-2005-3670

Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in HP HP-UX B.11.00, B.11.11, and B.11.23 running IPSec, HP Jetdirect 635n IPv6/IPsec Print Server, and HP Tru64 UNIX 5.1B-3 and 5.1B-2/PK4, allow remote attackers to cause a denial of service via cer...

7.8CVSS6.9AI score0.2526EPSS
CVE
CVE
added 2005/12/08 11:3 a.m.40 views

CVE-2005-4090

Unspecified vulnerability in HP-UX B.11.00 to B.11.23, when IPSEC is running, allows remote attackers to have unknown impact.

10CVSS6.7AI score0.02775EPSS
CVE
CVE
added 2006/03/17 7:2 p.m.40 views

CVE-2006-1248

Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and B.11.23, when run with certain options that involve a new home directory, might cause usermod to change the ownership of all directories and files under the new directory, which might result in less secure permissions than intended...

4.6CVSS6.4AI score0.00088EPSS
CVE
CVE
added 2006/09/15 9:7 p.m.40 views

CVE-2006-4820

Unspecified vulnerability in X.25 on HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.

2.1CVSS6.2AI score0.00062EPSS
CVE
CVE
added 2006/10/05 4:4 a.m.40 views

CVE-2006-5151

Unspecified vulnerability in HP Ignite-UX server before C.6.9.150 for HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to "gain root access" via unspecified vectors.

10CVSS7.1AI score0.04532EPSS
CVE
CVE
added 2007/04/12 10:19 a.m.40 views

CVE-2007-1993

Buffer overflow in the pfs_mountd.rpc RPC daemon in the Portable File System (PFS) in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to execute arbitrary code by sending "a call to procedure 5, followed by a crafted payload to procedure 2."

9.3CVSS7.6AI score0.04814EPSS
CVE
CVE
added 2007/08/29 1:17 a.m.40 views

CVE-2007-4590

The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors.

3.3CVSS6.5AI score0.00077EPSS
CVE
CVE
added 2008/05/21 1:24 p.m.40 views

CVE-2008-1660

Unspecified vulnerability in useradd on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unspecified vectors.

6.3CVSS6.1AI score0.0006EPSS
CVE
CVE
added 2014/12/10 9:59 p.m.40 views

CVE-2014-7879

HP HP-UX B.11.11, B.11.23, and B.11.31, when the PAM configuration includes libpam_updbe, allows remote authenticated users to bypass authentication, and consequently execute arbitrary code, via unspecified vectors.

8.5CVSS7AI score0.00421EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.39 views

CVE-1999-0318

Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.

7.2CVSS7.6AI score0.00115EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.39 views

CVE-1999-1146

Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x and earlier allows local users to access arbitrary files and gain privileges.

7.2CVSS7.4AI score0.00033EPSS
CVE
CVE
added 2002/05/03 4:0 a.m.39 views

CVE-2001-1264

Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating System (VVOS) 4.0 and 4.5 allows attackers to elevate privileges.

10CVSS6.5AI score0.01336EPSS
Total number of security vulnerabilities288