Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Hp\-Ux
(Hp)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 293 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2007-04-12 | CVE-2007-1994 | Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.00 allows local users to cause a denial of service via unknown vectors. NOTE: due to lack of vendor details, it is not clear whether this is the same as CVE-2007-0916. | Hp\-Ux | N/A | ||
2007-04-12 | CVE-2007-1993 | Buffer overflow in the pfs_mountd.rpc RPC daemon in the Portable File System (PFS) in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to execute arbitrary code by sending "a call to procedure 5, followed by a crafted payload to procedure 2." | Hp\-Ux | N/A | ||
2007-02-14 | CVE-2007-0916 | Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. | Hp\-Ux | N/A | ||
2007-02-14 | CVE-2007-0915 | Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers to overwrite arbitrary files and gain privileges via a crafted RPC request. | Hp\-Ux | N/A | ||
2007-01-19 | CVE-2007-0396 | Unspecified vulnerability in HP-UX B.11.23, when running IPFilter in combination with PHNE_34474, allows remote attackers to cause a denial of service (system crash) via unspecified vectors. | Hp\-Ux | N/A | ||
2007-01-19 | CVE-2007-0394 | HP HP-UX B11.11 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572. | Hp\-Ux | N/A | ||
2006-10-27 | CVE-2006-5558 | Format string vulnerability in the swask command in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via format string specifiers in the -s argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain. | Hp\-Ux | N/A | ||
2006-10-27 | CVE-2006-5557 | Stack-based buffer overflow in the (1) swpackage and (2) swmodify commands in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long -S argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain. | Hp\-Ux | N/A | ||
2006-10-27 | CVE-2006-5556 | Buffer overflow in the localtime_r function, and certain other functions, in libc in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long TZ environment variable. | Hp\-Ux | N/A | ||
2006-10-23 | CVE-2006-5452 | Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument. | Hp\-Ux, Tru64 | N/A |