HP-UX
by HPE
CVEs (33)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2003-1099 | 0.00 | — | 0.01 | Dec 31, 2003 | shar on HP-UX B.11.00, B.11.04, and B.11.11 creates temporary files with predictable names in /tmp, which allows local users to cause a denial of service and possibly execute arbitrary code via a symlink attack. | |||
| CVE-2003-1098 | 0.00 | — | 0.01 | Dec 31, 2003 | The Xserver for HP-UX 11.22 was not properly built, which introduced a vulnerability that allows local users to gain privileges. | |||
| CVE-2002-1618 | 0.00 | — | 0.01 | Oct 16, 2002 | JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems. | |||
| CVE-2002-0577 | 0.00 | — | 0.01 | Jun 18, 2002 | Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service. | |||
| CVE-2001-0668 | 0.00 | — | 0.06 | Sep 20, 2001 | Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to execute arbitrary commands. | |||
| CVE-2001-0379 | 0.00 | — | 0.01 | Jun 18, 2001 | Vulnerability in the newgrp program included with HP9000 servers running HP-UX 11.11 allows a local attacker to obtain higher access rights. | |||
| CVE-1999-1139 | 0.00 | — | 0.00 | Sep 1, 1997 | Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file. | |||
| CVE-1999-1133 | 0.00 | — | 0.00 | Sep 1, 1997 | HP-UX 9.x and 10.x running X windows may allow local attackers to gain privileges via (1) vuefile, (2) vuepad, (3) dtfile, or (4) dtpad, which do not authenticate users. | |||
| CVE-1999-1160 | 0.00 | — | 0.04 | Feb 2, 1997 | Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local and possibly remote users to gain root privileges. | |||
| CVE-1999-1251 | 0.00 | — | 0.00 | Dec 24, 1996 | Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 allows local users to cause a denial of service. | |||
| CVE-1999-1161 | 0.00 | — | 0.01 | Nov 3, 1996 | Vulnerability in ppl in HP-UX 10.x and earlier allows local users to gain root privileges by forcing ppl to core dump. | |||
| CVE-1999-1205 | 0.00 | — | 0.00 | Jun 7, 1996 | nettune in HP-UX 10.01 and 10.00 is installed setuid root, which allows local users to cause a denial of service by modifying critical networking configuration information. | |||
| CVE-1999-1248 | 0.00 | — | 0.00 | Nov 30, 1994 | Vulnerability in Support Watch (aka SupportWatch) in HP-UX 8.0 through 9.0 allows local users to gain privileges. |
- CVE-2003-1099Dec 31, 2003risk 0.00cvss —epss 0.01
shar on HP-UX B.11.00, B.11.04, and B.11.11 creates temporary files with predictable names in /tmp, which allows local users to cause a denial of service and possibly execute arbitrary code via a symlink attack.
- CVE-2003-1098Dec 31, 2003risk 0.00cvss —epss 0.01
The Xserver for HP-UX 11.22 was not properly built, which introduced a vulnerability that allows local users to gain privileges.
- CVE-2002-1618Oct 16, 2002risk 0.00cvss —epss 0.01
JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems.
- CVE-2002-0577Jun 18, 2002risk 0.00cvss —epss 0.01
Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service.
- CVE-2001-0668Sep 20, 2001risk 0.00cvss —epss 0.06
Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to execute arbitrary commands.
- CVE-2001-0379Jun 18, 2001risk 0.00cvss —epss 0.01
Vulnerability in the newgrp program included with HP9000 servers running HP-UX 11.11 allows a local attacker to obtain higher access rights.
- CVE-1999-1139Sep 1, 1997risk 0.00cvss —epss 0.00
Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file.
- CVE-1999-1133Sep 1, 1997risk 0.00cvss —epss 0.00
HP-UX 9.x and 10.x running X windows may allow local attackers to gain privileges via (1) vuefile, (2) vuepad, (3) dtfile, or (4) dtpad, which do not authenticate users.
- CVE-1999-1160Feb 2, 1997risk 0.00cvss —epss 0.04
Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local and possibly remote users to gain root privileges.
- CVE-1999-1251Dec 24, 1996risk 0.00cvss —epss 0.00
Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 allows local users to cause a denial of service.
- CVE-1999-1161Nov 3, 1996risk 0.00cvss —epss 0.01
Vulnerability in ppl in HP-UX 10.x and earlier allows local users to gain root privileges by forcing ppl to core dump.
- CVE-1999-1205Jun 7, 1996risk 0.00cvss —epss 0.00
nettune in HP-UX 10.01 and 10.00 is installed setuid root, which allows local users to cause a denial of service by modifying critical networking configuration information.
- CVE-1999-1248Nov 30, 1994risk 0.00cvss —epss 0.00
Vulnerability in Support Watch (aka SupportWatch) in HP-UX 8.0 through 9.0 allows local users to gain privileges.
Page 2 of 2