Hpux
by Microfocus
CVEs (295)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2001-0817 | 0.01 | — | 0.10 | Dec 6, 2001 | Vulnerability in HP-UX line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to modify arbitrary files and gain root privileges via a certain print request. | |||
| CVE-1999-0057 | 0.01 | — | 0.08 | Nov 16, 1998 | Vacation program allows command execution by remote users through a sendmail command. | |||
| CVE-1999-0333 | 0.01 | — | 0.06 | Aug 1, 1998 | HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack. | |||
| CVE-1999-0104 | 0.01 | — | 0.09 | Dec 16, 1997 | A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. | |||
| CVE-2015-2132 | 0.00 | — | 0.00 | Aug 22, 2015 | Unspecified vulnerability in the execve system-call implementation in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors. | |||
| CVE-2015-2126 | 0.00 | — | 0.01 | Jul 6, 2015 | Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setuid permissions. | |||
| CVE-2014-7879 | 0.00 | — | 0.05 | Dec 10, 2014 | HP HP-UX B.11.11, B.11.23, and B.11.31, when the PAM configuration includes libpam_updbe, allows remote authenticated users to bypass authentication, and consequently execute arbitrary code, via unspecified vectors. | |||
| CVE-2014-7877 | 0.00 | — | 0.01 | Oct 30, 2014 | Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors. | |||
| CVE-2014-7874 | 0.00 | — | 0.02 | Oct 19, 2014 | Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||
| CVE-2014-2490 | 0.00 | — | 0.06 | Jul 17, 2014 | Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | |||
| CVE-2014-3956 | 0.00 | — | 0.01 | Jun 4, 2014 | The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program. | |||
| CVE-2013-6209 | 0.00 | — | 0.03 | Mar 14, 2014 | Unspecified vulnerability in rpc.lockd in the NFS subsystem in HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service via unknown vectors. | |||
| CVE-2013-6200 | 0.00 | — | 0.00 | Mar 11, 2014 | Unspecified vulnerability in m4 in HP HP-UX B.11.23 and B.11.31 allows local users to obtain sensitive information or modify data via unknown vectors. | |||
| CVE-2012-0126 | 0.00 | — | 0.02 | Mar 28, 2012 | Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.11 and 11.23 allows remote attackers to obtain access to diagnostic information via unknown vectors, a related issue to CVE-2012-0125. | |||
| CVE-2012-0125 | 0.00 | — | 0.00 | Mar 28, 2012 | Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.31 allows local users to obtain access to diagnostic information via unknown vectors, a related issue to CVE-2012-0126. | |||
| CVE-2011-2398 | 0.00 | — | 0.00 | Jul 11, 2011 | Unspecified vulnerability in the dynamic loader in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges or cause a denial of service via unknown vectors. | |||
| CVE-2011-0896 | 0.00 | — | 0.03 | Apr 15, 2011 | Unspecified vulnerability in HP NFS/ONCplus B.11.31.10 and earlier on HP-UX B.11.31 allows remote authenticated users to cause a denial of service via unknown vectors. | |||
| CVE-2011-0891 | 0.00 | — | 0.00 | Apr 4, 2011 | Unspecified vulnerability in the OS-Core.CORE2-KRN fileset in HP HP-UX B.11.23 and B.11.31 allows local users to cause a denial of service via unknown vectors. | |||
| CVE-2010-4108 | 0.00 | — | 0.03 | Dec 8, 2010 | HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support threaded processes, which allows remote authenticated users to cause a denial of service via unspecified vectors. | |||
| CVE-2010-2712 | 0.00 | — | 0.00 | Aug 30, 2010 | Unspecified vulnerability in Software Distributor (sd) in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors. |
- CVE-2001-0817Dec 6, 2001risk 0.01cvss —epss 0.10
Vulnerability in HP-UX line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to modify arbitrary files and gain root privileges via a certain print request.
- CVE-1999-0057Nov 16, 1998risk 0.01cvss —epss 0.08
Vacation program allows command execution by remote users through a sendmail command.
- CVE-1999-0333Aug 1, 1998risk 0.01cvss —epss 0.06
HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack.
- CVE-1999-0104Dec 16, 1997risk 0.01cvss —epss 0.09
A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.
- CVE-2015-2132Aug 22, 2015risk 0.00cvss —epss 0.00
Unspecified vulnerability in the execve system-call implementation in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors.
- CVE-2015-2126Jul 6, 2015risk 0.00cvss —epss 0.01
Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setuid permissions.
- CVE-2014-7879Dec 10, 2014risk 0.00cvss —epss 0.05
HP HP-UX B.11.11, B.11.23, and B.11.31, when the PAM configuration includes libpam_updbe, allows remote authenticated users to bypass authentication, and consequently execute arbitrary code, via unspecified vectors.
- CVE-2014-7877Oct 30, 2014risk 0.00cvss —epss 0.01
Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors.
- CVE-2014-7874Oct 19, 2014risk 0.00cvss —epss 0.02
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
- CVE-2014-2490Jul 17, 2014risk 0.00cvss —epss 0.06
Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
- CVE-2014-3956Jun 4, 2014risk 0.00cvss —epss 0.01
The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program.
- CVE-2013-6209Mar 14, 2014risk 0.00cvss —epss 0.03
Unspecified vulnerability in rpc.lockd in the NFS subsystem in HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service via unknown vectors.
- CVE-2013-6200Mar 11, 2014risk 0.00cvss —epss 0.00
Unspecified vulnerability in m4 in HP HP-UX B.11.23 and B.11.31 allows local users to obtain sensitive information or modify data via unknown vectors.
- CVE-2012-0126Mar 28, 2012risk 0.00cvss —epss 0.02
Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.11 and 11.23 allows remote attackers to obtain access to diagnostic information via unknown vectors, a related issue to CVE-2012-0125.
- CVE-2012-0125Mar 28, 2012risk 0.00cvss —epss 0.00
Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.31 allows local users to obtain access to diagnostic information via unknown vectors, a related issue to CVE-2012-0126.
- CVE-2011-2398Jul 11, 2011risk 0.00cvss —epss 0.00
Unspecified vulnerability in the dynamic loader in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges or cause a denial of service via unknown vectors.
- CVE-2011-0896Apr 15, 2011risk 0.00cvss —epss 0.03
Unspecified vulnerability in HP NFS/ONCplus B.11.31.10 and earlier on HP-UX B.11.31 allows remote authenticated users to cause a denial of service via unknown vectors.
- CVE-2011-0891Apr 4, 2011risk 0.00cvss —epss 0.00
Unspecified vulnerability in the OS-Core.CORE2-KRN fileset in HP HP-UX B.11.23 and B.11.31 allows local users to cause a denial of service via unknown vectors.
- CVE-2010-4108Dec 8, 2010risk 0.00cvss —epss 0.03
HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support threaded processes, which allows remote authenticated users to cause a denial of service via unspecified vectors.
- CVE-2010-2712Aug 30, 2010risk 0.00cvss —epss 0.00
Unspecified vulnerability in Software Distributor (sd) in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors.
Page 5 of 15