Product:

Hp\-Ux

(Hp)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 292
Date Id Summary Products Score Patch Annotated
1997-10-29 CVE-1999-0097 The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character). Hp\-Ux, Aix, Solaris, Sunos N/A
1997-11-01 CVE-1999-0216 Denial of service of inetd on Linux through SYN and RST packets. Inet, Hp\-Ux, Linux_kernel N/A
1998-01-05 CVE-1999-0513 ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. Unix, Freebsd, Hp\-Ux, Aix, Linux_kernel, Netbsd, Solaris, Sunos N/A
1998-03-01 CVE-1999-0502 A Unix account has a default, null, blank, or missing password. Hp\-Ux, Linux, Solaris, Sunos N/A
1998-08-01 CVE-1999-0333 HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack. Hp\-Ux N/A
1999-03-01 CVE-1999-0435 MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM. Hp\-Ux N/A
2000-12-20 CVE-1999-0307 Buffer overflow in HP-UX cstm program allows local users to gain root privileges. Hp\-Ux N/A
2014-07-17 CVE-2014-2490 Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. Debian_linux, Hp\-Ux, Jdk, Jre N/A
2019-01-16 CVE-2018-5740 "deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2. Ubuntu_linux, Debian_linux, Hp\-Ux, Bind, Data_ontap_edge, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation 7.5
2004-11-23 CVE-2004-0081 OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. Webstar, Mac_os_x, Mac_os_x_server, Converged_communications_server, Intuity_audix, S8300, S8500, S8700, Sg200, Sg203, Sg208, Sg5, Vsu, Cacheos_ca_sa, Proxysg, Firewall\-1, Provider\-1, Vpn\-1, Access_registrar, Application_and_content_networking_software, Call_manager, Ciscoworks_common_management_foundation, Ciscoworks_common_services, Content_services_switch_11500, Css11000_content_services_switch, Css_secure_content_accelerator, Firewall_services_module, Gss_4480_global_site_selector, Gss_4490_global_site_selector, Ios, Mds_9000, Okena_stormwatch, Pix_firewall, Pix_firewall_software, Secure_content_accelerator, Threat_response, Webns, Bsafe_ssl\-J, Freebsd, Aaa_server, Apache\-Based_web_server, Hp\-Ux, Wbem, Speed_technologies_litespeed_web_server, Instant_virtual_extranet, Edirectory, Imanager, Openbsd, Openssl, Enterprise_linux, Enterprise_linux_desktop, Linux, Openssl, Openserver, Sidewinder, Propack, Servercluster, Stonebeat_fullcluster, Stonebeat_securitycluster, Stonebeat_webcluster, Stonegate, Stonegate_vpn_client, Crypto_accelerator_4000, Clientless_vpn_gateway_4400, Tarantella_enterprise, Gsx_server N/A