| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in HP-UX newgrp program. |
| Local user gains root privileges via buffer overflow in rdist, via expstr() function. |
| The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. |
| Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local users to view obtain data views for files that cannot be directly read by the user, which reportedly can be used to cause a denial of service. |
| Buffer overflow of rlogin program using TERM environmental variable. |
| Local users can start Sendmail in daemon mode and gain root privileges. |
| Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access. |
| Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable. |
| HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack. |
| ftp on HP-UX 11.00 allows local users to gain privileges. |
| Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating System (VVOS) 4.0 and 4.5 allows attackers to elevate privileges. |
| ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. |
| The default FTP configuration in HP Visualize Conference allows conference users to send a file to other participants without authorization. |
| Denial of service in HP-UX SharedX recserv program. |
| Vulnerability in subnetconfig in HP-UX 9.01 and 9.0 allows local users to gain privileges. |
| Buffer overflow in HPUX passwd command allows local users to gain root privileges via a command line option. |
| HP-UX 9.x and 10.x running X windows may allow local attackers to gain privileges via (1) vuefile, (2) vuepad, (3) dtfile, or (4) dtpad, which do not authenticate users. |
| Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4038, PHSS_4055, and PHSS_4066. |
| Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Response Center Predictive systems. |
| Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL. |
