Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Hp\-Ux
(Hp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 293 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2003-05-19 | CVE-2003-0333 | Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a different vulnerability than CVE-2001-0085. | Hp\-Ux | N/A | ||
| 2003-05-05 | CVE-2003-0201 | Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code. | Mac_os_x, Tru64, Cifs\-9000_server, Hp\-Ux, Samba, Samba\-Tng, Solaris, Sunos | N/A | ||
| 2003-05-05 | CVE-2003-0196 | Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. | Tru64, Cifs\-9000_server, Hp\-Ux, Samba, Samba\-Tng, Solaris, Sunos | N/A | ||
| 2003-04-02 | CVE-2003-0161 | The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. | Tru64, Hp\-Ux, Hp\-Ux_series_700, Hp\-Ux_series_800, Sis, Sendmail, Sendmail_switch, Solaris, Sunos | N/A | ||
| 2003-12-15 | CVE-2003-0089 | Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify. | Hp\-Ux | N/A | ||
| 2003-03-03 | CVE-2003-0064 | The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | Hp\-Ux, Aix, Irix, Solaris, Sunos | N/A | ||
| 2002-01-11 | CVE-2003-0061 | Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable. | Hp\-Ux | N/A | ||
| 2002-12-31 | CVE-2002-2363 | VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges. | Hp\-Ux | N/A | ||
| 2002-12-31 | CVE-2002-2270 | Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to view "normally invisible data" via unknown attack vectors. | Hp\-Ux | N/A | ||
| 2002-12-31 | CVE-2002-2262 | Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors. | Hp\-Ux | N/A |