Filtered by vendor Hp
Subscribe
Search
Total
1323 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3296 | 1 Hp | 1 Hp-ux | 2017-10-11 | 10.0 HIGH | N/A |
| The FTP server in HP-UX 10.20, B.11.00, and B.11.11, allows remote attackers to list arbitrary directories as root by running the LIST command before logging in. | |||||
| CVE-2005-3670 | 1 Hp | 3 Hp-ux, Jetdirect 635n, Tru64 | 2017-10-11 | 7.8 HIGH | N/A |
| Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in HP HP-UX B.11.00, B.11.11, and B.11.23 running IPSec, HP Jetdirect 635n IPv6/IPsec Print Server, and HP Tru64 UNIX 5.1B-3 and 5.1B-2/PK4, allow remote attackers to cause a denial of service via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the HP advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | |||||
| CVE-2005-1192 | 1 Hp | 1 Hp-ux | 2017-10-11 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23, when running TCP/IP on IPv4, allows remote attackers to cause a denial of service via certain packets, related to the PMTU, a different vulnerability than CVE-2004-1060. | |||||
| CVE-2002-2270 | 1 Hp | 1 Hp-ux | 2017-10-11 | 3.6 LOW | N/A |
| Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to view "normally invisible data" via unknown attack vectors. | |||||
| CVE-2002-2262 | 1 Hp | 1 Hp-ux | 2017-10-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors. | |||||
| CVE-2002-1794 | 1 Hp | 2 Hp-ux, Ldap-ux Integration | 2017-10-11 | 10.0 HIGH | N/A |
| Unknown vulnerability in pam_authz in the LDAP-UX Integration product on HP-UX 11.00 and 11.11 allows remote attackers to execute r-commands with privileges of other users. | |||||
| CVE-2003-0089 | 1 Hp | 1 Hp-ux | 2017-10-11 | 7.2 HIGH | N/A |
| Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify. | |||||
| CVE-2002-1618 | 1 Hp | 2 Hp-ux, Jfs | 2017-10-11 | 7.2 HIGH | N/A |
| JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems. | |||||
| CVE-2002-1409 | 1 Hp | 1 Hp-ux | 2017-10-11 | 2.1 LOW | N/A |
| ptrace on HP-UX 11.00 through 11.11 allows local users to cause a denial of service (data page fault panic) via "an incorrect reference to thread register state." | |||||
| CVE-2001-0607 | 1 Hp | 1 Hp-ux | 2017-10-11 | 4.6 MEDIUM | N/A |
| asecure as included with HP-UX 10.01 through 11.00 can allow a local attacker to create a denial of service and gain additional privileges via unsafe permissions on the asecure program, a different vulnerability than CVE-2000-0083. | |||||
| CVE-2002-0798 | 1 Hp | 1 Hp-ux | 2017-10-11 | 2.1 LOW | N/A |
| Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local users to view obtain data views for files that cannot be directly read by the user, which reportedly can be used to cause a denial of service. | |||||
| CVE-2003-0951 | 1 Hp | 1 Hp-ux | 2017-10-11 | 7.5 HIGH | N/A |
| Partition Manager (parmgr) in HP-UX B.11.23 does not properly validate certificates that are provided by the cimserver, which allows attackers to obtain sensitive data or gain privileges. | |||||
| CVE-2002-0585 | 1 Hp | 1 Hp-ux | 2017-10-11 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in ndd for HP-UX 11.11 with certain TRANSPORT patches allows attackers to cause a denial of service. | |||||
| CVE-2002-0577 | 1 Hp | 1 Hp-ux | 2017-10-11 | 2.1 LOW | N/A |
| Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service. | |||||
| CVE-2002-0279 | 1 Hp | 1 Hp-ux | 2017-10-11 | 4.6 MEDIUM | N/A |
| The kernel in HP-UX 11.11 does not properly provide arguments for setrlimit, which could allow local attackers to cause a denial of service (kernel panic) and possibly gain privileges. | |||||
| CVE-2001-1509 | 1 Hp | 1 Hp-ux | 2017-10-11 | 4.6 MEDIUM | N/A |
| geteuid in Itanium Architecture (IA) running on HP-UX 11.20 does not properly identify a user's effective user id, which could allow local users to gain privileges. | |||||
| CVE-2001-1198 | 1 Hp | 1 Hp-ux | 2017-10-11 | 7.2 HIGH | N/A |
| RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option. | |||||
| CVE-2001-1182 | 1 Hp | 1 Hp-ux | 2017-10-11 | 7.2 HIGH | N/A |
| Vulnerability in login in HP-UX 11.00, 11.11, and 10.20 allows restricted shell users to bypass certain security checks and gain privileges. | |||||
| CVE-2001-0809 | 1 Hp | 1 Hp-ux | 2017-10-11 | 2.1 LOW | N/A |
| Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX 11.0 and 11.11, when configured as a print server, allows local users to overwrite arbitrary files by modifying certain resources. | |||||
| CVE-2005-0547 | 1 Hp | 1 Hp-ux | 2017-10-11 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23 allows remote authenticated users to gain "unauthorized access to files." | |||||
| CVE-2005-0364 | 1 Hp | 1 Hp-ux | 2017-10-11 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service. | |||||
| CVE-2004-2693 | 1 Hp | 1 Hp-ux | 2017-10-11 | 7.2 HIGH | N/A |
| HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installed uses insecure directory permissions, which allows local users to gain privileges via files in /opt/gnome/src/GLib/. | |||||
| CVE-2004-2665 | 1 Hp | 1 Hp-ux | 2017-10-11 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.00, B.11.04, and B.11.11 before 20040628 allows local users to cause a denial of service via unspecified vectors. | |||||
| CVE-2004-1764 | 1 Hp | 1 Hp-ux | 2017-10-11 | 7.2 HIGH | N/A |
| Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors. | |||||
| CVE-2004-1375 | 1 Hp | 1 Hp-ux | 2017-10-11 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in System Administration Manager (SAM) in HP-UX B.11.00, B.11.11, B.11.22, and B.11.23 allows local users to gain privileges. | |||||
| CVE-2004-1332 | 1 Hp | 5 Hp-ux, Hp-ux Series 700, Hp-ux Series 800 and 2 more | 2017-10-11 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request. | |||||
| CVE-2004-1328 | 1 Hp | 1 Hp-ux | 2017-10-11 | 7.2 HIGH | N/A |
| Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges. | |||||
| CVE-2004-0952 | 1 Hp | 1 Hp-ux | 2017-10-11 | 6.4 MEDIUM | N/A |
| HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption. | |||||
| CVE-2004-1029 | 5 Conectiva, Gentoo, Hp and 2 more | 8 Linux, Linux, Hp-ux and 5 more | 2017-10-11 | 9.3 HIGH | N/A |
| The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages. | |||||
| CVE-2004-0965 | 1 Hp | 1 Hp-ux | 2017-10-11 | 7.2 HIGH | N/A |
| stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs. | |||||
| CVE-2003-1461 | 1 Hp | 1 Hp-ux | 2017-10-11 | 7.2 HIGH | N/A |
| Buffer overflow in rwrite for HP-UX 11.0 could allow local users to execute arbitrary code via a long argument. NOTE: the vendor was unable to reproduce the problem on a system that had been patched for an lp vulnerability (CVE-2002-1473). | |||||
| CVE-2003-1375 | 1 Hp | 1 Hp-ux | 2017-10-11 | 7.2 HIGH | N/A |
| Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument. | |||||
| CVE-2003-1359 | 2 Avaya, Hp | 2 Predictive Dialer System, Hp-ux | 2017-10-11 | 7.2 HIGH | N/A |
| Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument. | |||||
| CVE-2003-1356 | 1 Hp | 1 Hp-ux | 2017-10-11 | 7.2 HIGH | N/A |
| The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors. | |||||
| CVE-2003-1099 | 1 Hp | 1 Hp-ux | 2017-10-11 | 2.1 LOW | N/A |
| shar on HP-UX B.11.00, B.11.04, and B.11.11 creates temporary files with predictable names in /tmp, which allows local users to cause a denial of service and possibly execute arbitrary code via a symlink attack. | |||||
| CVE-2003-1098 | 1 Hp | 1 Hp-ux | 2017-10-11 | 7.2 HIGH | N/A |
| The Xserver for HP-UX 11.22 was not properly built, which introduced a vulnerability that allows local users to gain privileges. | |||||
| CVE-2003-1097 | 1 Hp | 1 Hp-ux | 2017-10-11 | 7.2 HIGH | N/A |
| Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option. | |||||
| CVE-2001-1162 | 2 Hp, Samba | 2 Cifs-9000 Server, Samba | 2017-10-10 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file. | |||||
| CVE-2000-0966 | 1 Hp | 1 Hp-ux | 2017-10-10 | 4.6 MEDIUM | N/A |
| Buffer overflows in lpspooler in the fileset PrinterMgmt.LP-SPOOL of HP-UX 11.0 and earlier allows local users to gain privileges. | |||||
| CVE-2000-0965 | 1 Hp | 1 Vvos | 2017-10-10 | 5.0 MEDIUM | N/A |
| The NSAPI plugins for TGA and the Java Servlet proxy in HP-UX VVOS 10.24 and 11.04 allows an attacker to cause a denial of service (high CPU utilization). | |||||
| CVE-2000-0702 | 1 Hp | 1 Hp-ux | 2017-10-10 | 7.2 HIGH | N/A |
| The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file. | |||||
| CVE-2000-0636 | 1 Hp | 1 Jetdirect | 2017-10-10 | 5.0 MEDIUM | N/A |
| HP JetDirect printers versions G.08.20 and H.08.20 and earlier allow remote attackers to cause a denial of service via a malformed FTP quote command. | |||||
| CVE-2000-0515 | 1 Hp | 1 Hp-ux | 2017-10-10 | 10.0 HIGH | N/A |
| The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX 11.0 is world writable, which allows local users to modify SNMP configuration or gain privileges. | |||||
| CVE-1999-1249 | 1 Hp | 1 Hp-ux | 2017-10-10 | 4.6 MEDIUM | N/A |
| movemail in HP-UX 10.20 has insecure permissions, which allows local users to gain privileges. | |||||
| CVE-2001-0981 | 1 Hp | 1 Cifs-9000 Server | 2017-10-10 | 10.0 HIGH | N/A |
| HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix password sync" option enabled calls the passwd program without specifying the username of the user making the request, which could cause the server to change the password of a different user. | |||||
| CVE-1999-1146 | 1 Hp | 1 Hp-ux | 2017-10-10 | 7.2 HIGH | N/A |
| Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x and earlier allows local users to access arbitrary files and gain privileges. | |||||
| CVE-1999-1145 | 1 Hp | 1 Hp-ux | 2017-10-10 | 7.2 HIGH | N/A |
| Vulnerability in Glance programs in GlancePlus for HP-UX 10.20 and earlier allows local users to access arbitrary files and gain privileges. | |||||
| CVE-1999-1144 | 1 Hp | 1 Hp-ux | 2017-10-10 | 7.2 HIGH | N/A |
| Certain files in MPower in HP-UX 10.x are installed with insecure permissions, which allows local users to gain privileges. | |||||
| CVE-2001-0668 | 1 Hp | 1 Hp-ux | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to execute arbitrary commands. | |||||
| CVE-2001-0629 | 1 Hp | 1 Openview Network Node Manager | 2017-10-10 | 10.0 HIGH | N/A |
| HP Event Correlation Service (ecsd) as included with OpenView Network Node Manager 6.1 allows a remote attacker to gain addition privileges via a buffer overflow attack in the '-restore_config' command line parameter. | |||||