VYPR

Hpux

by Microfocus

CVEs (295)

  • CVE-2004-0965Feb 9, 2005
    risk 0.00cvss epss 0.01

    stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs.

  • CVE-2004-2753Dec 31, 2004
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in SharedX in HP-UX B.11.00, B.11.11, and B.11.22 allows local users to access unspecified files or cause a denial of service via unknown vectors related to handling of "files in a potentially insecure manner."

  • CVE-2004-0952Dec 31, 2004
    risk 0.00cvss epss 0.05

    HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption.

  • CVE-2004-2665Dec 31, 2004
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.00, B.11.04, and B.11.11 before 20040628 allows local users to cause a denial of service via unspecified vectors.

  • CVE-2004-2693Dec 31, 2004
    risk 0.00cvss epss 0.00

    HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installed uses insecure directory permissions, which allows local users to gain privileges via files in /opt/gnome/src/GLib/.

  • CVE-2004-1328Dec 31, 2004
    risk 0.00cvss epss 0.01

    Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges.

  • CVE-2004-1375Dec 23, 2004
    risk 0.00cvss epss 0.00

    Unknown vulnerability in System Administration Manager (SAM) in HP-UX B.11.00, B.11.11, B.11.22, and B.11.23 allows local users to gain privileges.

  • CVE-2004-1764Jan 14, 2004
    risk 0.00cvss epss 0.01

    Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors.

  • CVE-2003-1360Dec 31, 2003
    risk 0.00cvss epss 0.01

    Buffer overflow in the setupterm function of (1) lanadmin and (2) landiag programs of HP-UX 10.0 through 10.34 allows local users to execute arbitrary code via a long TERM environment variable.

  • CVE-2003-1087Dec 31, 2003
    risk 0.00cvss epss 0.03

    Unknown vulnerability in diagmond and possibly other applications in HP9000 Series 700/800 running HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows remote attackers to cause a denial of service (program failure) via certain network traffic.

  • CVE-2003-1374Dec 31, 2003
    risk 0.00cvss epss 0.01

    Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options.

  • CVE-2003-1356Dec 31, 2003
    risk 0.00cvss epss 0.00

    The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors.

  • CVE-2003-1098Dec 31, 2003
    risk 0.00cvss epss 0.01

    The Xserver for HP-UX 11.22 was not properly built, which introduced a vulnerability that allows local users to gain privileges.

  • CVE-2003-0914Dec 15, 2003
    risk 0.00cvss epss 0.03

    ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

  • CVE-2003-0951Dec 15, 2003
    risk 0.00cvss epss 0.01

    Partition Manager (parmgr) in HP-UX B.11.23 does not properly validate certificates that are provided by the cimserver, which allows attackers to obtain sensitive data or gain privileges.

  • CVE-2003-0333May 19, 2003
    risk 0.00cvss epss 0.01

    Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying…

  • CVE-2002-1406Apr 11, 2003
    risk 0.00cvss epss 0.01

    Unknown vulnerability in passwd for VVOS HP-UX 11.04, with unknown impact, related to "Unexpected behavior."

  • CVE-2002-1409Apr 11, 2003
    risk 0.00cvss epss 0.01

    ptrace on HP-UX 11.00 through 11.11 allows local users to cause a denial of service (data page fault panic) via "an incorrect reference to thread register state."

  • CVE-2003-0064Mar 3, 2003
    risk 0.00cvss epss 0.03

    The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker…

  • CVE-2002-2262Dec 31, 2002
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors.

Page 9 of 15