| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request. |
| Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local users to view obtain data views for files that cannot be directly read by the user, which reportedly can be used to cause a denial of service. |
| The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. |
| Local user gains root privileges via buffer overflow in rdist, via expstr() function. |
| Buffer overflow in HP-UX newgrp program. |
| Vacation program allows command execution by remote users through a sendmail command. |
| pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. |
| A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. |
| Local users can start Sendmail in daemon mode and gain root privileges. |
| Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access. |
| Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable. |
| HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack. |
| ftp on HP-UX 11.00 allows local users to gain privileges. |
| MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM. |
| ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. |
| The default FTP configuration in HP Visualize Conference allows conference users to send a file to other participants without authorization. |
| Denial of service in HP-UX SharedX recserv program. |
| Buffer overflow in HPUX passwd command allows local users to gain root privileges via a command line option. |
| HP-UX 9.x and 10.x running X windows may allow local attackers to gain privileges via (1) vuefile, (2) vuepad, (3) dtfile, or (4) dtpad, which do not authenticate users. |
| Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4038, PHSS_4055, and PHSS_4066. |
