Hpux
by Microfocus
CVEs (295)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-5536 | 0.00 | — | 0.01 | Oct 18, 2007 | Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors. | |||
| CVE-2007-5302 | 0.00 | — | 0.03 | Oct 9, 2007 | Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2007-5008 | 0.00 | — | 0.04 | Sep 20, 2007 | The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected. | |||
| CVE-2007-4590 | 0.00 | — | 0.00 | Aug 29, 2007 | The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors. | |||
| CVE-2007-4125 | 0.00 | — | 0.02 | Aug 1, 2007 | Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause an unspecified denial of service via unknown vectors. | |||
| CVE-2007-2246 | 0.00 | — | 0.02 | Apr 25, 2007 | Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not… | |||
| CVE-2007-1994 | 0.00 | — | 0.00 | Apr 12, 2007 | Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.00 allows local users to cause a denial of service via unknown vectors. NOTE: due to lack of vendor details, it is not clear whether this is the same as… | |||
| CVE-2007-0916 | 0.00 | — | 0.00 | Feb 14, 2007 | Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. | |||
| CVE-2007-0915 | 0.00 | — | 0.04 | Feb 14, 2007 | Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers to overwrite arbitrary files and gain privileges via a crafted RPC request. | |||
| CVE-2007-0394 | 0.00 | — | 0.01 | Jan 19, 2007 | HP HP-UX B11.11 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572. | |||
| CVE-2007-0396 | 0.00 | — | 0.02 | Jan 19, 2007 | Unspecified vulnerability in HP-UX B.11.23, when running IPFilter in combination with PHNE_34474, allows remote attackers to cause a denial of service (system crash) via unspecified vectors. | |||
| CVE-2006-5452 | 0.00 | — | 0.01 | Oct 23, 2006 | Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument. | |||
| CVE-2006-5151 | 0.00 | — | 0.04 | Oct 5, 2006 | Unspecified vulnerability in HP Ignite-UX server before C.6.9.150 for HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to "gain root access" via unspecified vectors. | |||
| CVE-2006-5091 | 0.00 | — | 0.01 | Sep 29, 2006 | Unspecified vulnerability in HP-UX B.11.11 and B.11.23 CIFS Server (Samba) allows local users to gain privileges or obtain "unauthorized access" via unspecified vectors. | |||
| CVE-2006-4820 | 0.00 | — | 0.00 | Sep 15, 2006 | Unspecified vulnerability in X.25 on HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. | |||
| CVE-2006-4795 | 0.00 | — | 0.00 | Sep 14, 2006 | Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.11 and B.11.23 before 20060912 allows local users to cause a denial of service via unspecified vectors. | |||
| CVE-2006-4187 | 0.00 | — | 0.00 | Aug 17, 2006 | Unspecified vulnerability in HP-UX B.11.00, B.11.11 and B.11.23, when running in trusted mode, allows local users to cause a denial of service via unspecified vectors. | |||
| CVE-2006-4188 | 0.00 | — | 0.04 | Aug 17, 2006 | Unspecified vulnerability in the LP subsystem in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via unknown vectors. | |||
| CVE-2006-3335 | 0.00 | — | 0.00 | Jul 3, 2006 | Unspecified vulnerability in mkdir in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows local users to gain privileges via unknown attack vectors. | |||
| CVE-2006-3201 | 0.00 | — | 0.00 | Jun 23, 2006 | Unspecified vulnerability in the kernel in HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. |
- CVE-2007-5536Oct 18, 2007risk 0.00cvss —epss 0.01
Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors.
- CVE-2007-5302Oct 9, 2007risk 0.00cvss —epss 0.03
Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2007-5008Sep 20, 2007risk 0.00cvss —epss 0.04
The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected.
- CVE-2007-4590Aug 29, 2007risk 0.00cvss —epss 0.00
The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors.
- CVE-2007-4125Aug 1, 2007risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause an unspecified denial of service via unknown vectors.
- CVE-2007-2246Apr 25, 2007risk 0.00cvss —epss 0.02
Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not…
- CVE-2007-1994Apr 12, 2007risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.00 allows local users to cause a denial of service via unknown vectors. NOTE: due to lack of vendor details, it is not clear whether this is the same as…
- CVE-2007-0916Feb 14, 2007risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
- CVE-2007-0915Feb 14, 2007risk 0.00cvss —epss 0.04
Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers to overwrite arbitrary files and gain privileges via a crafted RPC request.
- CVE-2007-0394Jan 19, 2007risk 0.00cvss —epss 0.01
HP HP-UX B11.11 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572.
- CVE-2007-0396Jan 19, 2007risk 0.00cvss —epss 0.02
Unspecified vulnerability in HP-UX B.11.23, when running IPFilter in combination with PHNE_34474, allows remote attackers to cause a denial of service (system crash) via unspecified vectors.
- CVE-2006-5452Oct 23, 2006risk 0.00cvss —epss 0.01
Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.
- CVE-2006-5151Oct 5, 2006risk 0.00cvss —epss 0.04
Unspecified vulnerability in HP Ignite-UX server before C.6.9.150 for HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to "gain root access" via unspecified vectors.
- CVE-2006-5091Sep 29, 2006risk 0.00cvss —epss 0.01
Unspecified vulnerability in HP-UX B.11.11 and B.11.23 CIFS Server (Samba) allows local users to gain privileges or obtain "unauthorized access" via unspecified vectors.
- CVE-2006-4820Sep 15, 2006risk 0.00cvss —epss 0.00
Unspecified vulnerability in X.25 on HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
- CVE-2006-4795Sep 14, 2006risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.11 and B.11.23 before 20060912 allows local users to cause a denial of service via unspecified vectors.
- CVE-2006-4187Aug 17, 2006risk 0.00cvss —epss 0.00
Unspecified vulnerability in HP-UX B.11.00, B.11.11 and B.11.23, when running in trusted mode, allows local users to cause a denial of service via unspecified vectors.
- CVE-2006-4188Aug 17, 2006risk 0.00cvss —epss 0.04
Unspecified vulnerability in the LP subsystem in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via unknown vectors.
- CVE-2006-3335Jul 3, 2006risk 0.00cvss —epss 0.00
Unspecified vulnerability in mkdir in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows local users to gain privileges via unknown attack vectors.
- CVE-2006-3201Jun 23, 2006risk 0.00cvss —epss 0.00
Unspecified vulnerability in the kernel in HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
Page 7 of 15