| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in HP-UX newgrp program. |
| Buffer overflow of rlogin program using TERM environmental variable. |
| Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. |
| Land IP denial of service. |
| Buffer overflow in xlock program allows local users to execute commands as root. |
| Vacation program allows command execution by remote users through a sendmail command. |
| HTTP Server mod_ssl module running on HP-UX 11.04 with Virtualvault OS (VVOS) 4.5 through 4.6 closes the connection when the Apache server times out during an SSL request, which may allow attackers to cause a denial of service. |
| HP-UX aserver program allows local users to gain privileges via a symlink attack. |
| Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
| Local user gains root privileges via buffer overflow in rdist, via expstr() function. |
| The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands. |
| The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command. |
| HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges. |
| Unauthorized privileged access or denial of service via dtappgather program in CDE. |
| Buffer overflow in NIS+, in Sun's rpc.nisd program. |
| Information from SSL-encrypted sessions via PKCS #1. |
| The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the system to be used as a packet amplifier. |
| MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook. |
| HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges. |
| HP OpenView OmniBack 2.55 allows remote attackers to cause a denial of service via a large number of connections to port 5555. |
