| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| nettune in HP-UX 10.01 and 10.00 is installed setuid root, which allows local users to cause a denial of service by modifying critical networking configuration information. |
| Vulnerability in telnet service in HP-UX 10.30 allows attackers to cause a denial of service. |
| ftp on HP-UX 11.00 allows local users to gain privileges. |
| HP-UX 9.x does not properly enable the Xauthority mechanism in certain conditions, which could allow local users to access the X display even when they have not explicitly been authorized to do so. |
| Denial of service of inetd on Linux through SYN and RST packets. |
| Certain programs in HP-UX 10.20 do not properly handle large user IDs (UID) or group IDs (GID) over 60000, which could allow local users to gain privileges. |
| Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd). |
| Land IP denial of service. |
| Buffer overflow in xlock program allows local users to execute commands as root. |
| Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems. |
| movemail in HP-UX 10.20 has insecure permissions, which allows local users to gain privileges. |
| Multiple unknown vulnerabilities in the "r-cmnds" (1) remshd, (2) rexecd, (3) rlogind, (4) rlogin, (5) remsh, (6) rcp, (7) rexec, and (8) rdist for HP-UX 10.00 through 11.00 allow attackers to gain privileges or access files. |
| HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates. |
| Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. |
| pcltotiff in HP-UX 10.x has unnecessary set group id permissions, which allows local users to cause a denial of service. |
| Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges. |
| RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option. |
| MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM. |
| CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. |
| Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure. |
