Vendor CVEs
Microfocus
All CVEs
2,280 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2003-0221 | 0.00 | — | 0.00 | May 12, 2003 | The (1) dupatch and (2) setld utilities in HP Tru64 UNIX 5.1B PK1 and earlier allows local users to overwrite files and possibly gain root privileges via a symlink attack. | |||
| CVE-2002-1475 | 0.00 | — | 0.02 | Apr 22, 2003 | Unknown vulnerability in the ARP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to "take over packets destined for another host" and cause a denial of service. | |||
| CVE-2002-1474 | 0.00 | — | 0.02 | Apr 22, 2003 | Unknown vulnerability or vulnerabilities in TCP/IP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to cause a denial of service. | |||
| CVE-2002-1409 | 0.00 | — | 0.01 | Apr 11, 2003 | ptrace on HP-UX 11.00 through 11.11 allows local users to cause a denial of service (data page fault panic) via "an incorrect reference to thread register state." | |||
| CVE-2002-1406 | 0.00 | — | 0.01 | Apr 11, 2003 | Unknown vulnerability in passwd for VVOS HP-UX 11.04, with unknown impact, related to "Unexpected behavior." | |||
| CVE-2002-1408 | 0.00 | — | 0.02 | Apr 11, 2003 | Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) "'read-only' community access," and/or (2) an easily guessable community name. | |||
| CVE-2002-1439 | 0.00 | — | 0.01 | Apr 11, 2003 | Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 (VVOS) Virtualvault 4.0, 4.5, and 4.6 may allow attackers to obtain access to system files. | |||
| CVE-2003-0064 | 0.00 | — | 0.03 | Mar 3, 2003 | The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker… | |||
| CVE-2002-1617 | 0.00 | — | 0.01 | Dec 31, 2002 | Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long -p argument to dtprintinfo, (3) a long -customization argument to dxterm, or (4) a long DISPLAY environment variable to dtterm. | |||
| CVE-2002-1856 | 0.00 | — | 0.04 | Dec 31, 2002 | HP Application Server 8.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | |||
| CVE-2002-1999 | 0.00 | — | 0.03 | Dec 31, 2002 | HP Praesidium Webproxy 1.0 running on HP-UX 11.04 VVOS could allow remote attackers to cause Webproxy to forward requests to the internal network via crafted HTTP requests. | |||
| CVE-2002-2012 | 0.00 | — | 0.06 | Dec 31, 2002 | Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request. | |||
| CVE-2002-2264 | 0.00 | — | 0.03 | Dec 31, 2002 | Unspecified vulnerability in Internet Group Management Protocol (IGMP) of HP Tru64 4.0F through 5.1A allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: this might be the same issue as CVE-2002-2185, but there are insufficient details to be… | |||
| CVE-2002-2270 | 0.00 | — | 0.00 | Dec 31, 2002 | Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to view "normally invisible data" via unknown attack vectors. | |||
| CVE-2002-1793 | 0.00 | — | 0.02 | Dec 31, 2002 | HTTP Server mod_ssl module running on HP-UX 11.04 with Virtualvault OS (VVOS) 4.5 through 4.6 closes the connection when the Apache server times out during an SSL request, which may allow attackers to cause a denial of service. | |||
| CVE-2002-1784 | 0.00 | — | 0.03 | Dec 31, 2002 | Unknown vulnerability in inetd in HP Tru64 Unix 4.0f through 5.1a allows remote attackers to cause a denial of service via unknown attack vectors. | |||
| CVE-2002-1794 | 0.00 | — | 0.04 | Dec 31, 2002 | Unknown vulnerability in pam_authz in the LDAP-UX Integration product on HP-UX 11.00 and 11.11 allows remote attackers to execute r-commands with privileges of other users. | |||
| CVE-2002-1797 | 0.00 | — | 0.00 | Dec 31, 2002 | ChaiVM for HP color LaserJet 4500 and 4550 or HP LaserJet 4100 and 8150 does not properly enforce access control restrictions, which could allow local users to add, delete, or modify any services hosted by the ChaiServer. | |||
| CVE-2002-2263 | 0.00 | — | 0.00 | Dec 31, 2002 | The installation program for HP-UX Visualize Conference B.11.00.11 running on HP-UX 11.00 and 11.11 installs /etc/dt and its subdirecties with insecure permissions, which allows local users to read or write arbitrary files. | |||
| CVE-2002-1668 | 0.00 | — | 0.00 | Dec 31, 2002 | HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a "file system weakness" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file. | |||
| CVE-2002-2138 | 0.00 | — | 0.03 | Dec 31, 2002 | RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when running HP-UX 11.00 or 11.11, allows remote attackers to cause a denial of service (panic) via a malformed UDP packet on port 139. | |||
| CVE-2002-2262 | 0.00 | — | 0.02 | Dec 31, 2002 | Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors. | |||
| CVE-2002-2363 | 0.00 | — | 0.00 | Dec 31, 2002 | VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges. | |||
| CVE-2002-0711 | 0.00 | — | 0.03 | Nov 12, 2002 | Unknown vulnerability in Cluster Interconnect for HP TruCluster Server 5.0A, 5.1, and 5.1A may allow local and remote attackers to cause a denial of service. | |||
| CVE-2002-1232 | 0.00 | — | 0.03 | Nov 4, 2002 | Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist. | |||
| CVE-2002-1202 | 0.00 | — | 0.02 | Oct 28, 2002 | Unknown vulnerability in routed for HP Tru64 UNIX V4.0F through V5.1A allows local and remote attackers to read arbitrary files. | |||
| CVE-2002-1618 | 0.00 | — | 0.01 | Oct 16, 2002 | JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems. | |||
| CVE-2002-1134 | 0.00 | — | 0.02 | Oct 4, 2002 | Unknown vulnerability in Compaq WEBES Service Tools 2.0 through WEBES 4.0 (Service Pack 5) allows local users to read privileged files. | |||
| CVE-2002-0992 | 0.00 | — | 0.01 | Oct 4, 2002 | Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced or (2) rpcd on HP-UX 11.11 allows attackers to cause a denial of service (crash) via an attack that modifies internal data. | |||
| CVE-2002-0993 | 0.00 | — | 0.01 | Oct 4, 2002 | Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files. | |||
| CVE-2002-1612 | 0.00 | — | 0.01 | Sep 13, 2002 | Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges. | |||
| CVE-2002-1615 | 0.00 | — | 0.01 | Sep 13, 2002 | Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to execute arbitrary code via (1) msgchk or (2) .upd..loader. | |||
| CVE-2002-1613 | 0.00 | — | 0.01 | Sep 10, 2002 | Buffer overflow in ps in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges. | |||
| CVE-2002-0093 | 0.00 | — | 0.01 | Sep 5, 2002 | Buffer overflow in ipcs for HP Tru64 UNIX 4.0f through 5.1a may allow attackers to execute arbitrary code, a different vulnerability than CVE-2001-0423. | |||
| CVE-2002-1608 | 0.00 | — | 0.01 | Aug 31, 2002 | Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code. | |||
| CVE-2002-1607 | 0.00 | — | 0.01 | Aug 31, 2002 | Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code. | |||
| CVE-2002-1609 | 0.00 | — | 0.01 | Aug 30, 2002 | Buffer overflow in binmail in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges. | |||
| CVE-2002-1611 | 0.00 | — | 0.01 | Aug 30, 2002 | Buffer overflow in quot in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges. | |||
| CVE-2002-1610 | 0.00 | — | 0.01 | Aug 30, 2002 | Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to cause a denial of service. | |||
| CVE-2002-1606 | 0.00 | — | 0.01 | Aug 30, 2002 | Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain privileges via (1) lpc, (2) lpd, (3) lpq, (4) lpr, or (5) lprm. | |||
| CVE-2002-0763 | 0.00 | — | 0.02 | Aug 12, 2002 | Vulnerability in administration server for HP VirtualVault 4.5 on HP-UX 11.04 allows remote web servers or privileged external processes to bypass access restrictions and establish connections to the server. | |||
| CVE-2002-0798 | 0.00 | — | 0.01 | Aug 12, 2002 | Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local users to view obtain data views for files that cannot be directly read by the user, which reportedly can be used to cause a denial of service. | |||
| CVE-2002-0638 | 0.00 | — | 0.01 | Aug 12, 2002 | setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file… | |||
| CVE-2002-0529 | 0.00 | — | 0.00 | Aug 12, 2002 | HP Photosmart printer driver for Mac OS X installs the hp_imaging_connectivity program and the hp_imaging_connectivity.app directory with world-writable permissions, which allows local users to gain privileges of other Photosmart users by replacing hp_imaging_connectivity with a… | |||
| CVE-2002-0350 | 0.00 | — | 0.05 | Jun 25, 2002 | HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows remote attackers to cause a denial of service via a port scan of the management IP address, which disables the telnet service. | |||
| CVE-2002-0610 | 0.00 | — | 0.03 | Jun 18, 2002 | Vulnerability in FTPSRVR in HP MPE/iX 6.0 through 7.0 does not properly validate certain FTP commands, which allows attackers to gain privileges. | |||
| CVE-2002-0577 | 0.00 | — | 0.01 | Jun 18, 2002 | Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service. | |||
| CVE-2002-0585 | 0.00 | — | 0.02 | Jun 18, 2002 | Unknown vulnerability in ndd for HP-UX 11.11 with certain TRANSPORT patches allows attackers to cause a denial of service. | |||
| CVE-2002-0609 | 0.00 | — | 0.02 | Jun 18, 2002 | Vulnerability in HP MPE/iX 6.0 through 7.0 allows attackers to cause a denial of service (system failure with "SA1457 out of i_port_timeout.fix_up_message_frame") via malformed IP packets. | |||
| CVE-2002-0279 | 0.00 | — | 0.01 | May 31, 2002 | The kernel in HP-UX 11.11 does not properly provide arguments for setrlimit, which could allow local attackers to cause a denial of service (kernel panic) and possibly gain privileges. |
- CVE-2003-0221May 12, 2003risk 0.00cvss —epss 0.00
The (1) dupatch and (2) setld utilities in HP Tru64 UNIX 5.1B PK1 and earlier allows local users to overwrite files and possibly gain root privileges via a symlink attack.
- CVE-2002-1475Apr 22, 2003risk 0.00cvss —epss 0.02
Unknown vulnerability in the ARP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to "take over packets destined for another host" and cause a denial of service.
- CVE-2002-1474Apr 22, 2003risk 0.00cvss —epss 0.02
Unknown vulnerability or vulnerabilities in TCP/IP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to cause a denial of service.
- CVE-2002-1409Apr 11, 2003risk 0.00cvss —epss 0.01
ptrace on HP-UX 11.00 through 11.11 allows local users to cause a denial of service (data page fault panic) via "an incorrect reference to thread register state."
- CVE-2002-1406Apr 11, 2003risk 0.00cvss —epss 0.01
Unknown vulnerability in passwd for VVOS HP-UX 11.04, with unknown impact, related to "Unexpected behavior."
- CVE-2002-1408Apr 11, 2003risk 0.00cvss —epss 0.02
Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) "'read-only' community access," and/or (2) an easily guessable community name.
- CVE-2002-1439Apr 11, 2003risk 0.00cvss —epss 0.01
Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 (VVOS) Virtualvault 4.0, 4.5, and 4.6 may allow attackers to obtain access to system files.
- CVE-2003-0064Mar 3, 2003risk 0.00cvss —epss 0.03
The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker…
- CVE-2002-1617Dec 31, 2002risk 0.00cvss —epss 0.01
Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long -p argument to dtprintinfo, (3) a long -customization argument to dxterm, or (4) a long DISPLAY environment variable to dtterm.
- CVE-2002-1856Dec 31, 2002risk 0.00cvss —epss 0.04
HP Application Server 8.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").
- CVE-2002-1999Dec 31, 2002risk 0.00cvss —epss 0.03
HP Praesidium Webproxy 1.0 running on HP-UX 11.04 VVOS could allow remote attackers to cause Webproxy to forward requests to the internal network via crafted HTTP requests.
- CVE-2002-2012Dec 31, 2002risk 0.00cvss —epss 0.06
Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request.
- CVE-2002-2264Dec 31, 2002risk 0.00cvss —epss 0.03
Unspecified vulnerability in Internet Group Management Protocol (IGMP) of HP Tru64 4.0F through 5.1A allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: this might be the same issue as CVE-2002-2185, but there are insufficient details to be…
- CVE-2002-2270Dec 31, 2002risk 0.00cvss —epss 0.00
Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to view "normally invisible data" via unknown attack vectors.
- CVE-2002-1793Dec 31, 2002risk 0.00cvss —epss 0.02
HTTP Server mod_ssl module running on HP-UX 11.04 with Virtualvault OS (VVOS) 4.5 through 4.6 closes the connection when the Apache server times out during an SSL request, which may allow attackers to cause a denial of service.
- CVE-2002-1784Dec 31, 2002risk 0.00cvss —epss 0.03
Unknown vulnerability in inetd in HP Tru64 Unix 4.0f through 5.1a allows remote attackers to cause a denial of service via unknown attack vectors.
- CVE-2002-1794Dec 31, 2002risk 0.00cvss —epss 0.04
Unknown vulnerability in pam_authz in the LDAP-UX Integration product on HP-UX 11.00 and 11.11 allows remote attackers to execute r-commands with privileges of other users.
- CVE-2002-1797Dec 31, 2002risk 0.00cvss —epss 0.00
ChaiVM for HP color LaserJet 4500 and 4550 or HP LaserJet 4100 and 8150 does not properly enforce access control restrictions, which could allow local users to add, delete, or modify any services hosted by the ChaiServer.
- CVE-2002-2263Dec 31, 2002risk 0.00cvss —epss 0.00
The installation program for HP-UX Visualize Conference B.11.00.11 running on HP-UX 11.00 and 11.11 installs /etc/dt and its subdirecties with insecure permissions, which allows local users to read or write arbitrary files.
- CVE-2002-1668Dec 31, 2002risk 0.00cvss —epss 0.00
HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a "file system weakness" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file.
- CVE-2002-2138Dec 31, 2002risk 0.00cvss —epss 0.03
RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when running HP-UX 11.00 or 11.11, allows remote attackers to cause a denial of service (panic) via a malformed UDP packet on port 139.
- CVE-2002-2262Dec 31, 2002risk 0.00cvss —epss 0.02
Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors.
- CVE-2002-2363Dec 31, 2002risk 0.00cvss —epss 0.00
VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges.
- CVE-2002-0711Nov 12, 2002risk 0.00cvss —epss 0.03
Unknown vulnerability in Cluster Interconnect for HP TruCluster Server 5.0A, 5.1, and 5.1A may allow local and remote attackers to cause a denial of service.
- CVE-2002-1232Nov 4, 2002risk 0.00cvss —epss 0.03
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.
- CVE-2002-1202Oct 28, 2002risk 0.00cvss —epss 0.02
Unknown vulnerability in routed for HP Tru64 UNIX V4.0F through V5.1A allows local and remote attackers to read arbitrary files.
- CVE-2002-1618Oct 16, 2002risk 0.00cvss —epss 0.01
JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems.
- CVE-2002-1134Oct 4, 2002risk 0.00cvss —epss 0.02
Unknown vulnerability in Compaq WEBES Service Tools 2.0 through WEBES 4.0 (Service Pack 5) allows local users to read privileged files.
- CVE-2002-0992Oct 4, 2002risk 0.00cvss —epss 0.01
Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced or (2) rpcd on HP-UX 11.11 allows attackers to cause a denial of service (crash) via an attack that modifies internal data.
- CVE-2002-0993Oct 4, 2002risk 0.00cvss —epss 0.01
Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files.
- CVE-2002-1612Sep 13, 2002risk 0.00cvss —epss 0.01
Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.
- CVE-2002-1615Sep 13, 2002risk 0.00cvss —epss 0.01
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to execute arbitrary code via (1) msgchk or (2) .upd..loader.
- CVE-2002-1613Sep 10, 2002risk 0.00cvss —epss 0.01
Buffer overflow in ps in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.
- CVE-2002-0093Sep 5, 2002risk 0.00cvss —epss 0.01
Buffer overflow in ipcs for HP Tru64 UNIX 4.0f through 5.1a may allow attackers to execute arbitrary code, a different vulnerability than CVE-2001-0423.
- CVE-2002-1608Aug 31, 2002risk 0.00cvss —epss 0.01
Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.
- CVE-2002-1607Aug 31, 2002risk 0.00cvss —epss 0.01
Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.
- CVE-2002-1609Aug 30, 2002risk 0.00cvss —epss 0.01
Buffer overflow in binmail in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.
- CVE-2002-1611Aug 30, 2002risk 0.00cvss —epss 0.01
Buffer overflow in quot in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.
- CVE-2002-1610Aug 30, 2002risk 0.00cvss —epss 0.01
Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to cause a denial of service.
- CVE-2002-1606Aug 30, 2002risk 0.00cvss —epss 0.01
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain privileges via (1) lpc, (2) lpd, (3) lpq, (4) lpr, or (5) lprm.
- CVE-2002-0763Aug 12, 2002risk 0.00cvss —epss 0.02
Vulnerability in administration server for HP VirtualVault 4.5 on HP-UX 11.04 allows remote web servers or privileged external processes to bypass access restrictions and establish connections to the server.
- CVE-2002-0798Aug 12, 2002risk 0.00cvss —epss 0.01
Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local users to view obtain data views for files that cannot be directly read by the user, which reportedly can be used to cause a denial of service.
- CVE-2002-0638Aug 12, 2002risk 0.00cvss —epss 0.01
setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file…
- CVE-2002-0529Aug 12, 2002risk 0.00cvss —epss 0.00
HP Photosmart printer driver for Mac OS X installs the hp_imaging_connectivity program and the hp_imaging_connectivity.app directory with world-writable permissions, which allows local users to gain privileges of other Photosmart users by replacing hp_imaging_connectivity with a…
- CVE-2002-0350Jun 25, 2002risk 0.00cvss —epss 0.05
HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows remote attackers to cause a denial of service via a port scan of the management IP address, which disables the telnet service.
- CVE-2002-0610Jun 18, 2002risk 0.00cvss —epss 0.03
Vulnerability in FTPSRVR in HP MPE/iX 6.0 through 7.0 does not properly validate certain FTP commands, which allows attackers to gain privileges.
- CVE-2002-0577Jun 18, 2002risk 0.00cvss —epss 0.01
Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service.
- CVE-2002-0585Jun 18, 2002risk 0.00cvss —epss 0.02
Unknown vulnerability in ndd for HP-UX 11.11 with certain TRANSPORT patches allows attackers to cause a denial of service.
- CVE-2002-0609Jun 18, 2002risk 0.00cvss —epss 0.02
Vulnerability in HP MPE/iX 6.0 through 7.0 allows attackers to cause a denial of service (system failure with "SA1457 out of i_port_timeout.fix_up_message_frame") via malformed IP packets.
- CVE-2002-0279May 31, 2002risk 0.00cvss —epss 0.01
The kernel in HP-UX 11.11 does not properly provide arguments for setrlimit, which could allow local attackers to cause a denial of service (kernel panic) and possibly gain privileges.
Page 43 of 46