Product:

Hp\-Ux

(Hp)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 293
Date Id Summary Products Score Patch Annotated
2003-05-19 CVE-2003-0333 Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a different vulnerability than CVE-2001-0085. Hp\-Ux N/A
2003-05-05 CVE-2003-0201 Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code. Mac_os_x, Tru64, Cifs\-9000_server, Hp\-Ux, Samba, Samba\-Tng, Solaris, Sunos N/A
2003-05-05 CVE-2003-0196 Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. Tru64, Cifs\-9000_server, Hp\-Ux, Samba, Samba\-Tng, Solaris, Sunos N/A
2003-04-02 CVE-2003-0161 The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. Tru64, Hp\-Ux, Hp\-Ux_series_700, Hp\-Ux_series_800, Sis, Sendmail, Sendmail_switch, Solaris, Sunos N/A
2003-12-15 CVE-2003-0089 Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify. Hp\-Ux N/A
2003-03-03 CVE-2003-0064 The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. Hp\-Ux, Aix, Irix, Solaris, Sunos N/A
2002-01-11 CVE-2003-0061 Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable. Hp\-Ux N/A
2002-12-31 CVE-2002-2363 VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges. Hp\-Ux N/A
2002-12-31 CVE-2002-2270 Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to view "normally invisible data" via unknown attack vectors. Hp\-Ux N/A
2002-12-31 CVE-2002-2262 Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors. Hp\-Ux N/A