Hp-ux Security Vulnerabilities and Issues — Hp-ux CVE List

Lucene search

HpHp-ux

13 matches found

CVE•added 2007/10/29 7:0 p.m.•44 views

CVE-2002-2363

VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges.

7.2CVSS7AI score0.00036EPSS

CVE•added 2007/10/06 8:0 p.m.•44 views

CVE-2004-2693

HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installed uses insecure directory permissions, which allows local users to gain privileges via files in /opt/gnome/src/GLib/.

7.2CVSS7AI score0.00034EPSS

CVE•added 2007/10/09 6:17 p.m.•41 views

CVE-2007-5302

Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.8AI score0.00563EPSS

CVE•added 2007/10/18 12:17 a.m.•41 views

CVE-2007-5536

Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors.

4.9CVSS6AI score0.00089EPSS

CVE•added 2007/10/18 10:0 a.m.•40 views

CVE-2002-2262

Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors.

5CVSS6.9AI score0.01199EPSS

CVE•added 2007/10/19 10:0 a.m.•39 views

CVE-2003-1375

Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument.

7.2CVSS7.9AI score0.00244EPSS

CVE•added 2007/10/17 1:0 a.m.•37 views

CVE-2003-1358

rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program.

7.2CVSS7.2AI score0.00191EPSS

CVE•added 2007/10/17 1:0 a.m.•37 views

CVE-2003-1359

Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument.

7.2CVSS7.3AI score0.00175EPSS

CVE•added 2007/10/19 10:0 a.m.•36 views

CVE-2003-1374

Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options.

4.6CVSS7.9AI score0.00119EPSS

CVE•added 2007/10/14 7:0 p.m.•34 views

CVE-2003-1356

The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors.

7.2CVSS6.7AI score0.00053EPSS

CVE•added 2007/10/17 1:0 a.m.•33 views

CVE-2003-1360

Buffer overflow in the setupterm function of (1) lanadmin and (2) landiag programs of HP-UX 10.0 through 10.34 allows local users to execute arbitrary code via a long TERM environment variable.

7.2CVSS7.8AI score0.00059EPSS

CVE•added 2007/10/23 1:0 a.m.•31 views

CVE-2003-1461

Buffer overflow in rwrite for HP-UX 11.0 could allow local users to execute arbitrary code via a long argument. NOTE: the vendor was unable to reproduce the problem on a system that had been patched for an lp vulnerability (CVE-2002-1473).

7.2CVSS7.5AI score0.17345EPSS

CVE•added 2007/10/18 10:0 a.m.•29 views

CVE-2002-2270

Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to view "normally invisible data" via unknown attack vectors.

3.6CVSS6.6AI score0.00164EPSS