Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Hp\-Ux
(Hp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 293 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2003-12-15 | CVE-2003-0089 | Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify. | Hp\-Ux | N/A | ||
| 2003-03-03 | CVE-2003-0064 | The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | Hp\-Ux, Aix, Irix, Solaris, Sunos | N/A | ||
| 2002-01-11 | CVE-2003-0061 | Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable. | Hp\-Ux | N/A | ||
| 2002-12-31 | CVE-2002-2363 | VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges. | Hp\-Ux | N/A | ||
| 2002-12-31 | CVE-2002-2270 | Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to view "normally invisible data" via unknown attack vectors. | Hp\-Ux | N/A | ||
| 2002-12-31 | CVE-2002-2262 | Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors. | Hp\-Ux | N/A | ||
| 2002-12-31 | CVE-2002-2138 | RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when running HP-UX 11.00 or 11.11, allows remote attackers to cause a denial of service (panic) via a malformed UDP packet on port 139. | Advanced_server_9000, Hp\-Ux | N/A | ||
| 2002-12-31 | CVE-2002-1794 | Unknown vulnerability in pam_authz in the LDAP-UX Integration product on HP-UX 11.00 and 11.11 allows remote attackers to execute r-commands with privileges of other users. | Hp\-Ux, Ldap\-Ux_integration | N/A | ||
| 2002-12-31 | CVE-2002-1668 | HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a "file system weakness" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file. | Hp\-Ux, Hp\-Ux_series_700, Hp\-Ux_series_800 | N/A | ||
| 2002-10-16 | CVE-2002-1618 | JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems. | Hp\-Ux, Jfs | N/A |