| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in the text editor functionality in HP-UX 10.01 through 11.04 on HP9000 Series 700 and Series 800 allows local users to cause a denial of service ("system availability") via text editors such as (1) e, (2) ex, (3) vi, (4) edit, (5) view, and (6) vedit. |
| HP Web JetAdmin 6.0 allows remote attackers to cause a denial of service via a malformed URL to port 8000. |
| HP-UX aserver program allows local users to gain privileges via a symlink attack. |
| Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure. |
| Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. |
| Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. |
| CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure. |
| swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or overwrite arbitrary files to gain root access. |
| CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. |
| The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| Unspecified vulnerability in su in HP HP-UX B.11.11, when using the LDAP netgroup feature, allows local users to gain unspecified access. |
| A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. |
| Vacation program allows command execution by remote users through a sendmail command. |
| Buffer overflow of rlogin program using TERM environmental variable. |
| Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service. |
| Partition Manager (parmgr) in HP-UX B.11.23 does not properly validate certificates that are provided by the cimserver, which allows attackers to obtain sensitive data or gain privileges. |
| Buffer overflow in HP-UX cstm program allows local users to gain root privileges. |
| Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
| Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges. |
| Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings. |
