Hpux
by Microfocus
CVEs (295)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-2270 | 0.00 | — | 0.00 | Dec 31, 2002 | Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to view "normally invisible data" via unknown attack vectors. | |||
| CVE-2002-2138 | 0.00 | — | 0.03 | Dec 31, 2002 | RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when running HP-UX 11.00 or 11.11, allows remote attackers to cause a denial of service (panic) via a malformed UDP packet on port 139. | |||
| CVE-2002-2262 | 0.00 | — | 0.02 | Dec 31, 2002 | Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors. | |||
| CVE-2002-1794 | 0.00 | — | 0.04 | Dec 31, 2002 | Unknown vulnerability in pam_authz in the LDAP-UX Integration product on HP-UX 11.00 and 11.11 allows remote attackers to execute r-commands with privileges of other users. | |||
| CVE-2002-1668 | 0.00 | — | 0.00 | Dec 31, 2002 | HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a "file system weakness" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file. | |||
| CVE-2002-1618 | 0.00 | — | 0.01 | Oct 16, 2002 | JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems. | |||
| CVE-2002-0992 | 0.00 | — | 0.01 | Oct 4, 2002 | Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced or (2) rpcd on HP-UX 11.11 allows attackers to cause a denial of service (crash) via an attack that modifies internal data. | |||
| CVE-2002-1612 | 0.00 | — | 0.01 | Sep 13, 2002 | Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges. | |||
| CVE-2002-1615 | 0.00 | — | 0.01 | Sep 13, 2002 | Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to execute arbitrary code via (1) msgchk or (2) .upd..loader. | |||
| CVE-2002-1613 | 0.00 | — | 0.01 | Sep 10, 2002 | Buffer overflow in ps in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges. | |||
| CVE-2002-1607 | 0.00 | — | 0.01 | Aug 31, 2002 | Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code. | |||
| CVE-2002-1608 | 0.00 | — | 0.01 | Aug 31, 2002 | Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code. | |||
| CVE-2002-1609 | 0.00 | — | 0.01 | Aug 30, 2002 | Buffer overflow in binmail in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges. | |||
| CVE-2002-1610 | 0.00 | — | 0.01 | Aug 30, 2002 | Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to cause a denial of service. | |||
| CVE-2002-1606 | 0.00 | — | 0.01 | Aug 30, 2002 | Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain privileges via (1) lpc, (2) lpd, (3) lpq, (4) lpr, or (5) lprm. | |||
| CVE-2002-1611 | 0.00 | — | 0.01 | Aug 30, 2002 | Buffer overflow in quot in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges. | |||
| CVE-2002-0798 | 0.00 | — | 0.01 | Aug 12, 2002 | Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local users to view obtain data views for files that cannot be directly read by the user, which reportedly can be used to cause a denial of service. | |||
| CVE-2002-0585 | 0.00 | — | 0.02 | Jun 18, 2002 | Unknown vulnerability in ndd for HP-UX 11.11 with certain TRANSPORT patches allows attackers to cause a denial of service. | |||
| CVE-2002-0577 | 0.00 | — | 0.01 | Jun 18, 2002 | Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service. | |||
| CVE-2002-0279 | 0.00 | — | 0.01 | May 31, 2002 | The kernel in HP-UX 11.11 does not properly provide arguments for setrlimit, which could allow local attackers to cause a denial of service (kernel panic) and possibly gain privileges. |
- CVE-2002-2270Dec 31, 2002risk 0.00cvss —epss 0.00
Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to view "normally invisible data" via unknown attack vectors.
- CVE-2002-2138Dec 31, 2002risk 0.00cvss —epss 0.03
RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when running HP-UX 11.00 or 11.11, allows remote attackers to cause a denial of service (panic) via a malformed UDP packet on port 139.
- CVE-2002-2262Dec 31, 2002risk 0.00cvss —epss 0.02
Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors.
- CVE-2002-1794Dec 31, 2002risk 0.00cvss —epss 0.04
Unknown vulnerability in pam_authz in the LDAP-UX Integration product on HP-UX 11.00 and 11.11 allows remote attackers to execute r-commands with privileges of other users.
- CVE-2002-1668Dec 31, 2002risk 0.00cvss —epss 0.00
HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a "file system weakness" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file.
- CVE-2002-1618Oct 16, 2002risk 0.00cvss —epss 0.01
JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems.
- CVE-2002-0992Oct 4, 2002risk 0.00cvss —epss 0.01
Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced or (2) rpcd on HP-UX 11.11 allows attackers to cause a denial of service (crash) via an attack that modifies internal data.
- CVE-2002-1612Sep 13, 2002risk 0.00cvss —epss 0.01
Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.
- CVE-2002-1615Sep 13, 2002risk 0.00cvss —epss 0.01
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to execute arbitrary code via (1) msgchk or (2) .upd..loader.
- CVE-2002-1613Sep 10, 2002risk 0.00cvss —epss 0.01
Buffer overflow in ps in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.
- CVE-2002-1607Aug 31, 2002risk 0.00cvss —epss 0.01
Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.
- CVE-2002-1608Aug 31, 2002risk 0.00cvss —epss 0.01
Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.
- CVE-2002-1609Aug 30, 2002risk 0.00cvss —epss 0.01
Buffer overflow in binmail in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.
- CVE-2002-1610Aug 30, 2002risk 0.00cvss —epss 0.01
Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to cause a denial of service.
- CVE-2002-1606Aug 30, 2002risk 0.00cvss —epss 0.01
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain privileges via (1) lpc, (2) lpd, (3) lpq, (4) lpr, or (5) lprm.
- CVE-2002-1611Aug 30, 2002risk 0.00cvss —epss 0.01
Buffer overflow in quot in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.
- CVE-2002-0798Aug 12, 2002risk 0.00cvss —epss 0.01
Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local users to view obtain data views for files that cannot be directly read by the user, which reportedly can be used to cause a denial of service.
- CVE-2002-0585Jun 18, 2002risk 0.00cvss —epss 0.02
Unknown vulnerability in ndd for HP-UX 11.11 with certain TRANSPORT patches allows attackers to cause a denial of service.
- CVE-2002-0577Jun 18, 2002risk 0.00cvss —epss 0.01
Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service.
- CVE-2002-0279May 31, 2002risk 0.00cvss —epss 0.01
The kernel in HP-UX 11.11 does not properly provide arguments for setrlimit, which could allow local attackers to cause a denial of service (kernel panic) and possibly gain privileges.
Page 10 of 15