Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Hp\-Ux
(Hp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 293 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2003-03-07 | CVE-2002-1337 | Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. | Linux, Alphaserver_sc, Hp\-Ux, Netbsd, Solaris, Sendmail, Sunos, Bsdos, Platform_sa | N/A | ||
| 1997-02-06 | CVE-1999-0046 | Buffer overflow of rlogin program using TERM environmental variable. | Bsd_os, Debian_linux, Ultrix, Freebsd, Hp\-Ux, Aix, Netbsd, Nextstep, Solaris, Sunos | N/A | ||
| 2001-06-18 | CVE-2001-0249 | Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings. | Hp\-Ux, Solaris, Irix | 9.8 | ||
| 2001-06-18 | CVE-2001-0248 | Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings. | Hp\-Ux, Irix | 9.8 | ||
| 2005-02-09 | CVE-2004-0940 | Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. | Http_server, Hp\-Ux, Openpkg, Slackware_linux, Suse_linux, Secure_linux | 7.8 | ||
| 2000-12-19 | CVE-2000-0972 | HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates. | Hp\-Ux | 5.5 | ||
| 2004-11-23 | CVE-2004-0079 | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | Webstar, Mac_os_x, Mac_os_x_server, Converged_communications_server, Intuity_audix, S8300, S8500, S8700, Sg200, Sg203, Sg208, Sg5, Vsu, Cacheos_ca_sa, Proxysg, Firewall\-1, Provider\-1, Vpn\-1, Access_registrar, Application_and_content_networking_software, Call_manager, Ciscoworks_common_management_foundation, Ciscoworks_common_services, Content_services_switch_11500, Css11000_content_services_switch, Css_secure_content_accelerator, Firewall_services_module, Gss_4480_global_site_selector, Gss_4490_global_site_selector, Ios, Mds_9000, Okena_stormwatch, Pix_firewall, Pix_firewall_software, Secure_content_accelerator, Threat_response, Webns, Bsafe_ssl\-J, Freebsd, Aaa_server, Apache\-Based_web_server, Hp\-Ux, Wbem, Speed_technologies_litespeed_web_server, Instant_virtual_extranet, Edirectory, Imanager, Openbsd, Openssl, Enterprise_linux, Enterprise_linux_desktop, Linux, Openssl, Openserver, Sidewinder, Propack, Servercluster, Stonebeat_fullcluster, Stonebeat_securitycluster, Stonebeat_webcluster, Stonegate, Stonegate_vpn_client, Crypto_accelerator_4000, Clientless_vpn_gateway_4400, Tarantella_enterprise, Gsx_server | 7.5 | ||
| 2000-07-07 | CVE-2000-0573 | The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command. | Hp\-Ux | N/A | ||
| 2000-02-17 | CVE-2000-0159 | HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges. | Hp\-Ux | N/A | ||
| 2000-06-02 | CVE-2000-0468 | man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack. | Hp\-Ux | N/A |