VYPR

Vendor CVEs

Microfocus

All CVEs

2,280 total · sorted by risk
  • CVE-2003-0061Jan 11, 2002
    risk 0.00cvss epss 0.01

    Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable.

  • CVE-2001-1564Dec 31, 2001
    risk 0.00cvss epss 0.00

    setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropped, which could allow local users to cause a denial of service by exhausting available disk space.

  • CVE-2001-1563Dec 31, 2001
    risk 0.00cvss epss 0.05

    Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.

  • CVE-2001-1509Dec 31, 2001
    risk 0.00cvss epss 0.00

    geteuid in Itanium Architecture (IA) running on HP-UX 11.20 does not properly identify a user's effective user id, which could allow local users to gain privileges.

  • CVE-2001-1506Dec 31, 2001
    risk 0.00cvss epss 0.01

    Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on…

  • CVE-2001-1198Dec 15, 2001
    risk 0.00cvss epss 0.01

    RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option.

  • CVE-2001-0809Dec 6, 2001
    risk 0.00cvss epss 0.00

    Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX 11.0 and 11.11, when configured as a print server, allows local users to overwrite arbitrary files by modifying certain resources.

  • CVE-2001-0772Oct 18, 2001
    risk 0.00cvss epss 0.01

    Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges.

  • CVE-2001-1124Oct 1, 2001
    risk 0.00cvss epss 0.03

    rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to cause a denial of service (core dump) via a malformed RPC portmap requests, possibly related to a buffer overflow.

  • CVE-2001-1123Oct 1, 2001
    risk 0.00cvss epss 0.01

    Vulnerability in Network Node Manager (NNM) 6.2 and earlier in HP OpenView allows a local user to execute arbitrary code, possibly via a buffer overflow in a long hostname or object ID.

  • CVE-2001-0668Sep 20, 2001
    risk 0.00cvss epss 0.06

    Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to execute arbitrary commands.

  • CVE-2001-1136Sep 13, 2001
    risk 0.00cvss epss 0.01

    The libsecurity library in HP-UX 11.04 (VVOS) allows attackers to cause a denial of service.

  • CVE-2001-0978Sep 3, 2001
    risk 0.00cvss epss 0.02

    login in HP-UX 10.26 does not record failed login attempts in /var/adm/btmp, which could allow attackers to conduct brute force password guessing attacks without being detected or observed using the lastb program.

  • CVE-2001-0981Aug 31, 2001
    risk 0.00cvss epss 0.02

    HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix password sync" option enabled calls the passwd program without specifying the username of the user making the request, which could cause the server to change the password of a different user.

  • CVE-2001-0976Aug 31, 2001
    risk 0.00cvss epss 0.01

    Vulnerability in HP Process Resource Manager (PRM) C.01.08.2 and earlier, as used by HP-UX Workload Manager (WLM), allows local users to gain root privileges via modified libraries or environment variables.

  • CVE-2001-1039Aug 31, 2001
    risk 0.00cvss epss 0.02

    The JetAdmin web interface for HP JetDirect does not set a password for the telnet interface when the admin password is changed, which allows remote attackers to gain access to the printer.

  • CVE-2001-1040Aug 31, 2001
    risk 0.00cvss epss 0.02

    HP LaserJet, and possibly other JetDirect devices, resets the admin password when the device is turned off, which could allow remote attackers to access the device without the password.

  • CVE-2001-0608Aug 22, 2001
    risk 0.00cvss epss 0.04

    HP architected interface facility (AIF) as includes with MPE/iX 5.5 through 6.5 running on a HP3000 allows an attacker to gain additional privileges and gain access to databases via the AIF - AIFCHANGELOGON program.

  • CVE-2001-0607Aug 22, 2001
    risk 0.00cvss epss 0.00

    asecure as included with HP-UX 10.01 through 11.00 can allow a local attacker to create a denial of service and gain additional privileges via unsafe permissions on the asecure program, a different vulnerability than CVE-2000-0083.

  • CVE-2001-0606Aug 22, 2001
    risk 0.00cvss epss 0.02

    Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with VirtualVault A.04.00 allows a remote attacker to create a denial of service via the HTTPS service.

  • CVE-2001-0629Aug 14, 2001
    risk 0.00cvss epss 0.05

    HP Event Correlation Service (ecsd) as included with OpenView Network Node Manager 6.1 allows a remote attacker to gain addition privileges via a buffer overflow attack in the '-restore_config' command line parameter.

  • CVE-2001-1264Jul 19, 2001
    risk 0.00cvss epss 0.04

    Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating System (VVOS) 4.0 and 4.5 allows attackers to elevate privileges.

  • CVE-2001-1182Jul 17, 2001
    risk 0.00cvss epss 0.01

    Vulnerability in login in HP-UX 11.00, 11.11, and 10.20 allows restricted shell users to bypass certain security checks and gain privileges.

  • CVE-2001-1181Jul 16, 2001
    risk 0.00cvss epss 0.01

    Dynamically Loadable Kernel Module (dlkm) static kernel symbol table in HP-UX 11.11 is not properly configured, which allows local users to gain privileges.

  • CVE-2001-1244Jul 7, 2001
    risk 0.00cvss epss 0.35

    Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that…

  • CVE-2001-0488Jun 27, 2001
    risk 0.00cvss epss 0.00

    pcltotiff in HP-UX 10.x has unnecessary set group id permissions, which allows local users to cause a denial of service.

  • CVE-2001-0379Jun 18, 2001
    risk 0.00cvss epss 0.01

    Vulnerability in the newgrp program included with HP9000 servers running HP-UX 11.11 allows a local attacker to obtain higher access rights.

  • CVE-2001-1256Jun 11, 2001
    risk 0.00cvss epss 0.06

    kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create arbitrary world-writeable files via a symlink attack on the (1) /tmp/.kmmodreg_lock and (2) /tmp/kmpath.tmp temporary files.

  • CVE-2001-0551May 22, 2001
    risk 0.00cvss epss 0.01

    Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users to execute arbitrary code by copying text from the clipboard into the Help window.

  • CVE-2001-0278May 3, 2001
    risk 0.00cvss epss 0.00

    Vulnerability in linkeditor in HP MPE/iX 6.5 and earlier allows local users to gain privileges.

  • CVE-2001-0267May 3, 2001
    risk 0.00cvss epss 0.01

    NM debug in HP MPE/iX 6.5 and earlier does not properly handle breakpoints, which allows local users to gain privileges.

  • CVE-2001-0266May 3, 2001
    risk 0.00cvss epss 0.01

    Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier allows local users to gain privileges.

  • CVE-2001-0219Mar 26, 2001
    risk 0.00cvss epss 0.00

    Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service.

  • CVE-2001-1439Feb 16, 2001
    risk 0.00cvss epss 0.01

    Buffer overflow in the text editor functionality in HP-UX 10.01 through 11.04 on HP9000 Series 700 and Series 800 allows local users to cause a denial of service ("system availability") via text editors such as (1) e, (2) ex, (3) vi, (4) edit, (5) view, and (6) vedit.

  • CVE-2001-0105Feb 12, 2001
    risk 0.00cvss epss 0.00

    Vulnerability in top in HP-UX 11.04 and earlier allows local users to overwrite files owned by the "sys" group.

  • CVE-2001-0085Feb 12, 2001
    risk 0.00cvss epss 0.01

    Buffer overflow in Kermit communications software in HP-UX 11.0 and earlier allows local users to cause a denial of service and possibly execute arbitrary commands.

  • CVE-2001-0106Feb 12, 2001
    risk 0.00cvss epss 0.02

    Vulnerability in inetd server in HP-UX 11.04 and earlier allows attackers to cause a denial of service when the "swait" state is used by a server.

  • CVE-2001-0079Feb 12, 2001
    risk 0.00cvss epss 0.01

    Support Tools Manager (STM) A.22.00 for HP-UX allows local users to overwrite arbitrary files via a symlink attack on the tool_stat.txt log file.

  • CVE-2000-1126Jan 9, 2001
    risk 0.00cvss epss 0.06

    Vulnerability in auto_parms and set_parms in HP-UX 11.00 and earlier allows remote attackers to execute arbitrary commands or cause a denial of service.

  • CVE-1999-0307Dec 20, 2000
    risk 0.00cvss epss 0.01

    Buffer overflow in HP-UX cstm program allows local users to gain root privileges.

  • CVE-2000-0966Dec 19, 2000
    risk 0.00cvss epss 0.01

    Buffer overflows in lpspooler in the fileset PrinterMgmt.LP-SPOOL of HP-UX 11.0 and earlier allows local users to gain privileges.

  • CVE-2000-0965Dec 19, 2000
    risk 0.00cvss epss 0.03

    The NSAPI plugins for TGA and the Java Servlet proxy in HP-UX VVOS 10.24 and 11.04 allows an attacker to cause a denial of service (high CPU utilization).

  • CVE-2000-1064Dec 11, 2000
    risk 0.00cvss epss 0.03

    Buffer overflow in the LPD service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service.

  • CVE-2000-1031Dec 11, 2000
    risk 0.00cvss epss 0.01

    Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option.

  • CVE-2000-1057Dec 11, 2000
    risk 0.00cvss epss 0.00

    Vulnerabilities in database configuration scripts in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows local users to gain privileges, possibly via insecure permissions.

  • CVE-2000-1063Dec 11, 2000
    risk 0.00cvss epss 0.03

    Buffer overflow in the Telnet service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service.

  • CVE-2000-1065Dec 11, 2000
    risk 0.00cvss epss 0.03

    Vulnerability in IP implementation of HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service (printer crash) via a malformed packet.

  • CVE-2000-1062Dec 11, 2000
    risk 0.00cvss epss 0.03

    Buffer overflow in the FTP service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service.

  • CVE-2000-0754Oct 20, 2000
    risk 0.00cvss epss 0.01

    Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 related to passwords.

  • CVE-2000-0801Oct 20, 2000
    risk 0.00cvss epss 0.01

    Buffer overflow in bdf program in HP-UX 11.00 may allow local users to gain root privileges via a long -t option.