National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:hp:hp-ux:10.01
There are 50 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2004-1332

Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.

Published: December 31, 2004; 12:00:00 AM -05:00
V2: 7.5 HIGH
CVE-2003-1356

The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors.

Published: December 31, 2003; 12:00:00 AM -05:00
V2: 7.2 HIGH
CVE-2003-1358

rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program.

Published: December 31, 2003; 12:00:00 AM -05:00
V2: 7.2 HIGH
CVE-2003-1359

Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument.

Published: December 31, 2003; 12:00:00 AM -05:00
V2: 7.2 HIGH
CVE-2003-1360

Buffer overflow in the setupterm function of (1) lanadmin and (2) landiag programs of HP-UX 10.0 through 10.34 allows local users to execute arbitrary code via a long TERM environment variable.

Published: December 31, 2003; 12:00:00 AM -05:00
V2: 7.2 HIGH
CVE-2003-0196

Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.

Published: May 05, 2003; 12:00:00 AM -04:00
V2: 10.0 HIGH
CVE-2003-0201

Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.

Published: May 05, 2003; 12:00:00 AM -04:00
V2: 10.0 HIGH
CVE-2003-0161

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.

Published: April 02, 2003; 12:00:00 AM -05:00
V2: 10.0 HIGH
CVE-2001-1564

setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropped, which could allow local users to cause a denial of service by exhausting available disk space.

Published: December 31, 2001; 12:00:00 AM -05:00
V2: 2.1 LOW
CVE-2001-1198

RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option.

Published: December 15, 2001; 12:00:00 AM -05:00
V2: 7.2 HIGH
CVE-2001-0797

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

Published: December 12, 2001; 12:00:00 AM -05:00
V2: 10.0 HIGH
CVE-2001-0817

Vulnerability in HP-UX line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to modify arbitrary files and gain root privileges via a certain print request.

Published: December 06, 2001; 12:00:00 AM -05:00
V2: 10.0 HIGH
CVE-2001-0772

Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges.

Published: October 18, 2001; 12:00:00 AM -04:00
V2: 4.6 MEDIUM
CVE-2001-0668

Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to execute arbitrary commands.

Published: September 20, 2001; 12:00:00 AM -04:00
V2: 7.5 HIGH
CVE-2001-0979

Buffer overflow in swverify in HP-UX 11.0, and possibly other programs, allows local users to gain privileges via a long command line argument.

Published: September 03, 2001; 12:00:00 AM -04:00
V2: 7.2 HIGH
CVE-2001-0607

asecure as included with HP-UX 10.01 through 11.00 can allow a local attacker to create a denial of service and gain additional privileges via unsafe permissions on the asecure program, a different vulnerability than CVE-2000-0083.

Published: August 22, 2001; 12:00:00 AM -04:00
V2: 4.6 MEDIUM
CVE-2001-0488

pcltotiff in HP-UX 10.x has unnecessary set group id permissions, which allows local users to cause a denial of service.

Published: June 27, 2001; 12:00:00 AM -04:00
V2: 2.1 LOW
CVE-2001-0311

Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client.

Published: June 02, 2001; 12:00:00 AM -04:00
V2: 4.6 MEDIUM
CVE-2001-0266

Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier allows local users to gain privileges.

Published: May 03, 2001; 12:00:00 AM -04:00
V2: 7.2 HIGH
CVE-2001-0219

Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service.

Published: March 26, 2001; 12:00:00 AM -05:00
V2: 2.1 LOW