Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
HpHp-ux11.00

139 matches found

CVE
CVEadded 2000/02/04 5:0 a.m.713 views

CVE-1999-0517

An SNMP community name is the default (e.g. public), null, or missing.

7.5CVSS6.7AI score0.92333EPSS
CVE
CVEadded 2005/03/25 5:0 a.m.297 views

CVE-2002-1614

Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at.

7.2CVSS7.8AI score0.00899EPSS
CVE
CVEadded 2002/06/25 4:0 a.m.153 views

CVE-2001-0797

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

10CVSS7.4AI score0.88625EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.147 views

CVE-1999-0513

ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.

5CVSS7.3AI score0.25583EPSS
CVE
CVEadded 2004/12/31 5:0 a.m.142 views

CVE-2004-0826

Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.

7.5CVSS7.7AI score0.02995EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.121 views

CVE-1999-0016

Land IP denial of service.

5CVSS6.6AI score0.72572EPSS
CVE
CVEadded 2005/02/09 5:0 a.m.120 views

CVE-2004-0940

Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.

7.8CVSS8AI score0.04161EPSS
CVE
CVEadded 2003/05/05 4:0 a.m.118 views

CVE-2003-0201

Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.

10CVSS7.3AI score0.76919EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.113 views

CVE-1999-0003

Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).

10CVSS7.5AI score0.90339EPSS
CVE
CVEadded 2004/11/23 5:0 a.m.109 views

CVE-2004-0079

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

7.5CVSS7.1AI score0.02058EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.102 views

CVE-1999-0097

The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).

10CVSS7.2AI score0.01076EPSS
CVE
CVEadded 2003/04/02 5:0 a.m.93 views

CVE-2003-0161

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers...

10CVSS7.6AI score0.71952EPSS
CVE
CVEadded 2000/10/13 4:0 a.m.92 views

CVE-2000-0515

The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX 11.0 is world writable, which allows local users to modify SNMP configuration or gain privileges.

10CVSS6.9AI score0.01471EPSS
CVE
CVEadded 2003/10/06 4:0 a.m.92 views

CVE-2003-0694

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

10CVSS7.7AI score0.7608EPSS
CVE
CVEadded 2003/03/25 5:0 a.m.89 views

CVE-2003-0028

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a differ...

7.5CVSS9.8AI score0.56051EPSS
CVE
CVEadded 2004/11/23 5:0 a.m.88 views

CVE-2004-0081

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

5CVSS7.2AI score0.02271EPSS
CVE
CVEadded 2004/11/23 5:0 a.m.88 views

CVE-2004-0112

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-b...

5CVSS7.2AI score0.00942EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.84 views

CVE-2002-1317

Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.

7.5CVSS8AI score0.42484EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.80 views

CVE-1999-0008

Buffer overflow in NIS+, in Sun's rpc.nisd program.

10CVSS7AI score0.03952EPSS
CVE
CVEadded 2001/05/07 4:0 a.m.79 views

CVE-2000-0573

The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.

10CVSS7.5AI score0.91378EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.79 views

CVE-2002-1337

Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.

10CVSS7.6AI score0.623EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.76 views

CVE-1999-0015

Teardrop IP denial of service.

5CVSS6.8AI score0.25851EPSS
CVE
CVEadded 2003/05/05 4:0 a.m.74 views

CVE-2003-0196

Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.

10CVSS7.6AI score0.76919EPSS
CVE
CVEadded 2003/10/06 4:0 a.m.72 views

CVE-2003-0681

A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.

7.5CVSS6.8AI score0.12435EPSS
CVE
CVEadded 2004/09/17 4:0 a.m.72 views

CVE-2004-0809

The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.

5CVSS7.2AI score0.16458EPSS
CVE
CVEadded 2002/07/23 4:0 a.m.68 views

CVE-2002-0677

CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.

7.5CVSS6.8AI score0.19026EPSS
CVE
CVEadded 2001/12/06 5:0 a.m.66 views

CVE-2001-0817

Vulnerability in HP-UX line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to modify arbitrary files and gain root privileges via a certain print request.

10CVSS6.9AI score0.05192EPSS
CVE
CVEadded 2003/04/22 4:0 a.m.66 views

CVE-2002-1473

Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code.

4.6CVSS7.6AI score0.17345EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.65 views

CVE-1999-0014

Unauthorized privileged access or denial of service via dtappgather program in CDE.

7.2CVSS7.4AI score0.0086EPSS
CVE
CVEadded 2005/05/02 4:0 a.m.64 views

CVE-2005-1192

Unknown vulnerability in HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23, when running TCP/IP on IPv4, allows remote attackers to cause a denial of service via certain packets, related to the PMTU, a different vulnerability than CVE-2004-1060.

5CVSS7.3AI score0.59911EPSS
CVE
CVEadded 2005/03/25 5:0 a.m.63 views

CVE-2002-1615

Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to execute arbitrary code via (1) msgchk or (2) .upd..loader.

7.2CVSS7.9AI score0.00091EPSS
CVE
CVEadded 2003/04/02 5:0 a.m.61 views

CVE-2002-0678

CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.

7.2CVSS6.2AI score0.0043EPSS
CVE
CVEadded 2005/03/01 5:0 a.m.60 views

CVE-2004-1029

The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using ...

9.3CVSS7.3AI score0.42558EPSS
CVE
CVEadded 2003/12/15 5:0 a.m.58 views

CVE-2003-0914

ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

4.3CVSS6.2AI score0.19846EPSS
CVE
CVEadded 2006/03/30 1:6 a.m.56 views

CVE-2006-1509

/sbin/passwd in HP-UX B.11.00, B.11.11, and B.11.23 before 20060326 "does not recover gracefully from some error conditions," which allows local users to cause a denial of service.

4.9CVSS6AI score0.00078EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.55 views

CVE-1999-0353

rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory.

9.3CVSS6.7AI score0.00311EPSS
CVE
CVEadded 2000/06/02 4:0 a.m.55 views

CVE-1999-0696

Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).

10CVSS6.9AI score0.05576EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.53 views

CVE-2003-0064

The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary...

7.5CVSS7.2AI score0.00871EPSS
CVE
CVEadded 2002/03/09 5:0 a.m.52 views

CVE-2000-0699

Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command.

10CVSS7.6AI score0.04449EPSS
CVE
CVEadded 2001/05/07 4:0 a.m.51 views

CVE-2001-0085

Buffer overflow in Kermit communications software in HP-UX 11.0 and earlier allows local users to cause a denial of service and possibly execute arbitrary commands.

7.2CVSS7.3AI score0.00051EPSS
CVE
CVEadded 2006/03/25 12:6 a.m.51 views

CVE-2006-1389

Unspecified vulnerability in swagentd in HP-UX B.11.00, B.11.04, and B.11.11 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

7.8CVSS6.5AI score0.07825EPSS
CVE
CVEadded 2006/07/03 1:5 a.m.51 views

CVE-2006-3335

Unspecified vulnerability in mkdir in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows local users to gain privileges via unknown attack vectors.

7.2CVSS6.4AI score0.00061EPSS
CVE
CVEadded 2001/06/18 4:0 a.m.50 views

CVE-2001-0249

Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings.

10CVSS10AI score0.03991EPSS
CVE
CVEadded 2002/03/09 5:0 a.m.50 views

CVE-2001-0668

Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to execute arbitrary commands.

7.5CVSS7.6AI score0.01763EPSS
CVE
CVEadded 2002/03/15 5:0 a.m.50 views

CVE-2001-1124

rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to cause a denial of service (core dump) via a malformed RPC portmap requests, possibly related to a buffer overflow.

5CVSS6.9AI score0.00794EPSS
CVE
CVEadded 2003/04/02 5:0 a.m.50 views

CVE-2002-0679

Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.

10CVSS7.9AI score0.70866EPSS
CVE
CVEadded 2005/03/10 5:0 a.m.50 views

CVE-2004-1764

Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors.

7.2CVSS6.8AI score0.00076EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.49 views

CVE-1999-0435

MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM.

7.2CVSS6.6AI score0.00079EPSS
CVE
CVEadded 2002/03/15 5:0 a.m.49 views

CVE-2001-1198

RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option.

7.2CVSS7AI score0.00047EPSS
CVE
CVEadded 2005/02/11 5:0 a.m.49 views

CVE-2005-0364

Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service.

5CVSS6.6AI score0.00826EPSS
Total number of security vulnerabilities139