VYPR

Hpux

by Microfocus

CVEs (295)

  • CVE-2003-0061Jan 11, 2002
    risk 0.00cvss epss 0.01

    Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable.

  • CVE-2001-1509Dec 31, 2001
    risk 0.00cvss epss 0.00

    geteuid in Itanium Architecture (IA) running on HP-UX 11.20 does not properly identify a user's effective user id, which could allow local users to gain privileges.

  • CVE-2001-1564Dec 31, 2001
    risk 0.00cvss epss 0.00

    setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropped, which could allow local users to cause a denial of service by exhausting available disk space.

  • CVE-2001-1198Dec 15, 2001
    risk 0.00cvss epss 0.01

    RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option.

  • CVE-2001-0809Dec 6, 2001
    risk 0.00cvss epss 0.00

    Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX 11.0 and 11.11, when configured as a print server, allows local users to overwrite arbitrary files by modifying certain resources.

  • CVE-2001-0772Oct 18, 2001
    risk 0.00cvss epss 0.01

    Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges.

  • CVE-2001-1124Oct 1, 2001
    risk 0.00cvss epss 0.03

    rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to cause a denial of service (core dump) via a malformed RPC portmap requests, possibly related to a buffer overflow.

  • CVE-2001-0668Sep 20, 2001
    risk 0.00cvss epss 0.06

    Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to execute arbitrary commands.

  • CVE-2001-1136Sep 13, 2001
    risk 0.00cvss epss 0.01

    The libsecurity library in HP-UX 11.04 (VVOS) allows attackers to cause a denial of service.

  • CVE-2001-0978Sep 3, 2001
    risk 0.00cvss epss 0.02

    login in HP-UX 10.26 does not record failed login attempts in /var/adm/btmp, which could allow attackers to conduct brute force password guessing attacks without being detected or observed using the lastb program.

  • CVE-2001-0607Aug 22, 2001
    risk 0.00cvss epss 0.00

    asecure as included with HP-UX 10.01 through 11.00 can allow a local attacker to create a denial of service and gain additional privileges via unsafe permissions on the asecure program, a different vulnerability than CVE-2000-0083.

  • CVE-2001-1264Jul 19, 2001
    risk 0.00cvss epss 0.04

    Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating System (VVOS) 4.0 and 4.5 allows attackers to elevate privileges.

  • CVE-2001-1182Jul 17, 2001
    risk 0.00cvss epss 0.01

    Vulnerability in login in HP-UX 11.00, 11.11, and 10.20 allows restricted shell users to bypass certain security checks and gain privileges.

  • CVE-2001-1181Jul 16, 2001
    risk 0.00cvss epss 0.01

    Dynamically Loadable Kernel Module (dlkm) static kernel symbol table in HP-UX 11.11 is not properly configured, which allows local users to gain privileges.

  • CVE-2001-1244Jul 7, 2001
    risk 0.00cvss epss 0.35

    Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that…

  • CVE-2001-0488Jun 27, 2001
    risk 0.00cvss epss 0.00

    pcltotiff in HP-UX 10.x has unnecessary set group id permissions, which allows local users to cause a denial of service.

  • CVE-2001-0379Jun 18, 2001
    risk 0.00cvss epss 0.01

    Vulnerability in the newgrp program included with HP9000 servers running HP-UX 11.11 allows a local attacker to obtain higher access rights.

  • CVE-2001-1256Jun 11, 2001
    risk 0.00cvss epss 0.06

    kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create arbitrary world-writeable files via a symlink attack on the (1) /tmp/.kmmodreg_lock and (2) /tmp/kmpath.tmp temporary files.

  • CVE-2001-0551May 22, 2001
    risk 0.00cvss epss 0.01

    Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users to execute arbitrary code by copying text from the clipboard into the Help window.

  • CVE-2001-0266May 3, 2001
    risk 0.00cvss epss 0.01

    Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier allows local users to gain privileges.

Page 11 of 15