VYPR

Vendor CVEs

Microfocus

All CVEs

2,280 total · sorted by risk
  • CVE-2003-0221May 12, 2003
    risk 0.00cvss epss 0.00

    The (1) dupatch and (2) setld utilities in HP Tru64 UNIX 5.1B PK1 and earlier allows local users to overwrite files and possibly gain root privileges via a symlink attack.

  • CVE-2002-1475Apr 22, 2003
    risk 0.00cvss epss 0.02

    Unknown vulnerability in the ARP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to "take over packets destined for another host" and cause a denial of service.

  • CVE-2002-1474Apr 22, 2003
    risk 0.00cvss epss 0.02

    Unknown vulnerability or vulnerabilities in TCP/IP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to cause a denial of service.

  • CVE-2002-1409Apr 11, 2003
    risk 0.00cvss epss 0.01

    ptrace on HP-UX 11.00 through 11.11 allows local users to cause a denial of service (data page fault panic) via "an incorrect reference to thread register state."

  • CVE-2002-1406Apr 11, 2003
    risk 0.00cvss epss 0.01

    Unknown vulnerability in passwd for VVOS HP-UX 11.04, with unknown impact, related to "Unexpected behavior."

  • CVE-2002-1408Apr 11, 2003
    risk 0.00cvss epss 0.02

    Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) "'read-only' community access," and/or (2) an easily guessable community name.

  • CVE-2002-1439Apr 11, 2003
    risk 0.00cvss epss 0.01

    Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 (VVOS) Virtualvault 4.0, 4.5, and 4.6 may allow attackers to obtain access to system files.

  • CVE-2003-0064Mar 3, 2003
    risk 0.00cvss epss 0.03

    The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker…

  • CVE-2002-1617Dec 31, 2002
    risk 0.00cvss epss 0.01

    Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long -p argument to dtprintinfo, (3) a long -customization argument to dxterm, or (4) a long DISPLAY environment variable to dtterm.

  • CVE-2002-1856Dec 31, 2002
    risk 0.00cvss epss 0.04

    HP Application Server 8.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").

  • CVE-2002-1999Dec 31, 2002
    risk 0.00cvss epss 0.03

    HP Praesidium Webproxy 1.0 running on HP-UX 11.04 VVOS could allow remote attackers to cause Webproxy to forward requests to the internal network via crafted HTTP requests.

  • CVE-2002-2012Dec 31, 2002
    risk 0.00cvss epss 0.06

    Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request.

  • CVE-2002-2264Dec 31, 2002
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in Internet Group Management Protocol (IGMP) of HP Tru64 4.0F through 5.1A allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: this might be the same issue as CVE-2002-2185, but there are insufficient details to be…

  • CVE-2002-2270Dec 31, 2002
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to view "normally invisible data" via unknown attack vectors.

  • CVE-2002-1793Dec 31, 2002
    risk 0.00cvss epss 0.02

    HTTP Server mod_ssl module running on HP-UX 11.04 with Virtualvault OS (VVOS) 4.5 through 4.6 closes the connection when the Apache server times out during an SSL request, which may allow attackers to cause a denial of service.

  • CVE-2002-1784Dec 31, 2002
    risk 0.00cvss epss 0.03

    Unknown vulnerability in inetd in HP Tru64 Unix 4.0f through 5.1a allows remote attackers to cause a denial of service via unknown attack vectors.

  • CVE-2002-1794Dec 31, 2002
    risk 0.00cvss epss 0.04

    Unknown vulnerability in pam_authz in the LDAP-UX Integration product on HP-UX 11.00 and 11.11 allows remote attackers to execute r-commands with privileges of other users.

  • CVE-2002-1797Dec 31, 2002
    risk 0.00cvss epss 0.00

    ChaiVM for HP color LaserJet 4500 and 4550 or HP LaserJet 4100 and 8150 does not properly enforce access control restrictions, which could allow local users to add, delete, or modify any services hosted by the ChaiServer.

  • CVE-2002-2263Dec 31, 2002
    risk 0.00cvss epss 0.00

    The installation program for HP-UX Visualize Conference B.11.00.11 running on HP-UX 11.00 and 11.11 installs /etc/dt and its subdirecties with insecure permissions, which allows local users to read or write arbitrary files.

  • CVE-2002-1668Dec 31, 2002
    risk 0.00cvss epss 0.00

    HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a "file system weakness" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file.

  • CVE-2002-2138Dec 31, 2002
    risk 0.00cvss epss 0.03

    RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when running HP-UX 11.00 or 11.11, allows remote attackers to cause a denial of service (panic) via a malformed UDP packet on port 139.

  • CVE-2002-2262Dec 31, 2002
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors.

  • CVE-2002-2363Dec 31, 2002
    risk 0.00cvss epss 0.00

    VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges.

  • CVE-2002-0711Nov 12, 2002
    risk 0.00cvss epss 0.03

    Unknown vulnerability in Cluster Interconnect for HP TruCluster Server 5.0A, 5.1, and 5.1A may allow local and remote attackers to cause a denial of service.

  • CVE-2002-1232Nov 4, 2002
    risk 0.00cvss epss 0.03

    Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.

  • CVE-2002-1202Oct 28, 2002
    risk 0.00cvss epss 0.02

    Unknown vulnerability in routed for HP Tru64 UNIX V4.0F through V5.1A allows local and remote attackers to read arbitrary files.

  • CVE-2002-1618Oct 16, 2002
    risk 0.00cvss epss 0.01

    JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems.

  • CVE-2002-1134Oct 4, 2002
    risk 0.00cvss epss 0.02

    Unknown vulnerability in Compaq WEBES Service Tools 2.0 through WEBES 4.0 (Service Pack 5) allows local users to read privileged files.

  • CVE-2002-0992Oct 4, 2002
    risk 0.00cvss epss 0.01

    Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced or (2) rpcd on HP-UX 11.11 allows attackers to cause a denial of service (crash) via an attack that modifies internal data.

  • CVE-2002-0993Oct 4, 2002
    risk 0.00cvss epss 0.01

    Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files.

  • CVE-2002-1612Sep 13, 2002
    risk 0.00cvss epss 0.01

    Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.

  • CVE-2002-1615Sep 13, 2002
    risk 0.00cvss epss 0.01

    Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to execute arbitrary code via (1) msgchk or (2) .upd..loader.

  • CVE-2002-1613Sep 10, 2002
    risk 0.00cvss epss 0.01

    Buffer overflow in ps in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.

  • CVE-2002-0093Sep 5, 2002
    risk 0.00cvss epss 0.01

    Buffer overflow in ipcs for HP Tru64 UNIX 4.0f through 5.1a may allow attackers to execute arbitrary code, a different vulnerability than CVE-2001-0423.

  • CVE-2002-1608Aug 31, 2002
    risk 0.00cvss epss 0.01

    Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.

  • CVE-2002-1607Aug 31, 2002
    risk 0.00cvss epss 0.01

    Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.

  • CVE-2002-1609Aug 30, 2002
    risk 0.00cvss epss 0.01

    Buffer overflow in binmail in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.

  • CVE-2002-1611Aug 30, 2002
    risk 0.00cvss epss 0.01

    Buffer overflow in quot in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.

  • CVE-2002-1610Aug 30, 2002
    risk 0.00cvss epss 0.01

    Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to cause a denial of service.

  • CVE-2002-1606Aug 30, 2002
    risk 0.00cvss epss 0.01

    Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain privileges via (1) lpc, (2) lpd, (3) lpq, (4) lpr, or (5) lprm.

  • CVE-2002-0763Aug 12, 2002
    risk 0.00cvss epss 0.02

    Vulnerability in administration server for HP VirtualVault 4.5 on HP-UX 11.04 allows remote web servers or privileged external processes to bypass access restrictions and establish connections to the server.

  • CVE-2002-0798Aug 12, 2002
    risk 0.00cvss epss 0.01

    Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local users to view obtain data views for files that cannot be directly read by the user, which reportedly can be used to cause a denial of service.

  • CVE-2002-0638Aug 12, 2002
    risk 0.00cvss epss 0.01

    setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file…

  • CVE-2002-0529Aug 12, 2002
    risk 0.00cvss epss 0.00

    HP Photosmart printer driver for Mac OS X installs the hp_imaging_connectivity program and the hp_imaging_connectivity.app directory with world-writable permissions, which allows local users to gain privileges of other Photosmart users by replacing hp_imaging_connectivity with a…

  • CVE-2002-0350Jun 25, 2002
    risk 0.00cvss epss 0.05

    HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows remote attackers to cause a denial of service via a port scan of the management IP address, which disables the telnet service.

  • CVE-2002-0610Jun 18, 2002
    risk 0.00cvss epss 0.03

    Vulnerability in FTPSRVR in HP MPE/iX 6.0 through 7.0 does not properly validate certain FTP commands, which allows attackers to gain privileges.

  • CVE-2002-0577Jun 18, 2002
    risk 0.00cvss epss 0.01

    Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service.

  • CVE-2002-0585Jun 18, 2002
    risk 0.00cvss epss 0.02

    Unknown vulnerability in ndd for HP-UX 11.11 with certain TRANSPORT patches allows attackers to cause a denial of service.

  • CVE-2002-0609Jun 18, 2002
    risk 0.00cvss epss 0.02

    Vulnerability in HP MPE/iX 6.0 through 7.0 allows attackers to cause a denial of service (system failure with "SA1457 out of i_port_timeout.fix_up_message_frame") via malformed IP packets.

  • CVE-2002-0279May 31, 2002
    risk 0.00cvss epss 0.01

    The kernel in HP-UX 11.11 does not properly provide arguments for setrlimit, which could allow local attackers to cause a denial of service (kernel panic) and possibly gain privileges.

Page 43 of 46