National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:hp:hp-ux:11
There are 18 matching records.
Vuln ID Summary CVSS Severity
CVE-2004-0716

Buffer overflow in the DCE daemon (DCED) for the DCE endpoint mapper (epmap) on HP-UX 11 allows remote attackers to execute arbitrary code via a request with a small fragment length and a large amount of data.

Published: August 06, 2004; 12:00:00 AM -04:00
V2: 10.0 HIGH
CVE-2003-1374

Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options.

Published: December 31, 2003; 12:00:00 AM -05:00
V2: 4.6 MEDIUM
CVE-2002-2262

Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors.

Published: December 31, 2002; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-2001-0772

Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges.

Published: October 18, 2001; 12:00:00 AM -04:00
V2: 4.6 MEDIUM
CVE-2001-0607

asecure as included with HP-UX 10.01 through 11.00 can allow a local attacker to create a denial of service and gain additional privileges via unsafe permissions on the asecure program, a different vulnerability than CVE-2000-0083.

Published: August 22, 2001; 12:00:00 AM -04:00
V2: 4.6 MEDIUM
CVE-2001-0311

Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client.

Published: June 02, 2001; 12:00:00 AM -04:00
V2: 4.6 MEDIUM
CVE-2001-0266

Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier allows local users to gain privileges.

Published: May 03, 2001; 12:00:00 AM -04:00
V2: 7.2 HIGH
CVE-2001-0219

Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service.

Published: March 26, 2001; 12:00:00 AM -05:00
V2: 2.1 LOW
CVE-2001-0105

Vulnerability in top in HP-UX 11.04 and earlier allows local users to overwrite files owned by the "sys" group.

Published: February 12, 2001; 12:00:00 AM -05:00
V2: 2.1 LOW
CVE-2001-0106

Vulnerability in inetd server in HP-UX 11.04 and earlier allows attackers to cause a denial of service when the "swait" state is used by a server.

Published: February 12, 2001; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-2000-0083

HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges.

Published: April 18, 2000; 12:00:00 AM -04:00
V2: 4.6 MEDIUM
CVE-1999-0693

Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.

Published: March 02, 2000; 12:00:00 AM -05:00
V2: 7.2 HIGH
CVE-2000-0077

The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands.

Published: January 02, 2000; 12:00:00 AM -05:00
V2: 7.2 HIGH
CVE-2000-0078

The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command.

Published: January 02, 2000; 12:00:00 AM -05:00
V2: 7.2 HIGH
CVE-1999-1136

Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Response Center Predictive systems.

Published: July 30, 1998; 12:00:00 AM -04:00
V2: 4.6 MEDIUM
CVE-1999-0502

A Unix account has a default, null, blank, or missing password.

Published: March 01, 1998; 12:00:00 AM -05:00
V2: 7.5 HIGH
CVE-1999-1139

Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file.

Published: September 01, 1997; 12:00:00 AM -04:00
V2: 7.2 HIGH
CVE-1999-0318

Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.

Published: March 01, 1997; 12:00:00 AM -05:00
V2: 7.2 HIGH