| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The LPD service in HP-UX 10.20 11.11 (11i) and earlier allows remote attackers to execute arbitrary code via shell metacharacters ("`" or single backquote) in a request that is not properly handled when an error occurs, as demonstrated by killing the connection, a different vulnerability than CVE-2002-1473. |
| RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option. |
| envd daemon in HP-UX B.11.00 through B.11.11 allows local users to obtain privileges via unknown attack vectors. |
| Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code. |
| A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. |
| HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet. |
| The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX 11.0 is world writable, which allows local users to modify SNMP configuration or gain privileges. |
| Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable. |
| The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. |
| HP-UX aserver program allows local users to gain privileges via a symlink attack. |
| Unauthorized privileged access or denial of service via dtappgather program in CDE. |
| Buffer overflow in xlock program allows local users to execute commands as root. |
| swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or overwrite arbitrary files to gain root access. |
| Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. |
| The kernel in HP-UX 11.11 does not properly provide arguments for setrlimit, which could allow local attackers to cause a denial of service (kernel panic) and possibly gain privileges. |
| Denial of service of inetd on Linux through SYN and RST packets. |
| HP Remote Watch allows a remote user to gain root access. |
| ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. |
| HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack. |
| rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory. |
