National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:hp:hp-ux:11.4
There are 24 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2006-5556

Buffer overflow in the localtime_r function, and certain other functions, in libc in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long TZ environment variable.

Published: October 27, 2006; 12:07:00 PM -04:00
V2: 4.6 MEDIUM
CVE-2006-5557

Stack-based buffer overflow in the (1) swpackage and (2) swmodify commands in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long -S argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain.

Published: October 27, 2006; 12:07:00 PM -04:00
V2: 4.6 MEDIUM
CVE-2006-5558

Format string vulnerability in the swask command in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via format string specifiers in the -s argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain.

Published: October 27, 2006; 12:07:00 PM -04:00
V2: 10.0 HIGH
CVE-2006-5452

Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.

Published: October 23, 2006; 01:07:00 PM -04:00
V2: 4.6 MEDIUM
CVE-2006-4188

Unspecified vulnerability in the LP subsystem in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via unknown vectors.

Published: August 16, 2006; 08:04:00 PM -04:00
V2: 5.0 MEDIUM
CVE-2006-3335

Unspecified vulnerability in mkdir in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows local users to gain privileges via unknown attack vectors.

Published: July 02, 2006; 09:05:00 PM -04:00
V2: 7.2 HIGH
CVE-2006-2574

Multiple unspecified vulnerabilities in Software Distributor in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allow local users to gain privileges via unspecified attack vectors.

Published: May 24, 2006; 07:02:00 PM -04:00
V2: 7.2 HIGH
CVE-2006-1389

Unspecified vulnerability in swagentd in HP-UX B.11.00, B.11.04, and B.11.11 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

Published: March 24, 2006; 07:06:00 PM -05:00
V2: 7.8 HIGH
CVE-2006-0436

Unspecified vulnerability in HP HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain privileges via unknown attack vectors.

Published: January 26, 2006; 06:07:00 AM -05:00
V2: 7.2 HIGH
CVE-2005-4316

HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet.

Published: December 17, 2005; 06:03:00 AM -05:00
V2: 7.8 HIGH
CVE-2005-2993

Unspecified vulnerability in the FTP Daemon (ftpd) for HP Tru64 UNIX 4.0F PK8 and other versions up to HP Tru64 UNIX 5.1B-3, and HP-UX B.11.00, B.11.04, B.11.11, and B.11.23, allows remote authenticated users to cause a denial of service (hang).

Published: September 20, 2005; 04:03:00 PM -04:00
V2: 1.7 LOW
CVE-2005-0547

Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23 allows remote authenticated users to gain "unauthorized access to files."

Published: February 24, 2005; 12:00:00 AM -05:00
V2: 4.6 MEDIUM
CVE-2004-1328

Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges.

Published: December 31, 2004; 12:00:00 AM -05:00
V2: 7.2 HIGH
CVE-2004-1332

Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.

Published: December 31, 2004; 12:00:00 AM -05:00
V2: 7.5 HIGH
CVE-2004-2665

Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.00, B.11.04, and B.11.11 before 20040628 allows local users to cause a denial of service via unspecified vectors.

Published: December 31, 2004; 12:00:00 AM -05:00
V2: 4.9 MEDIUM
CVE-2004-1375

Unknown vulnerability in System Administration Manager (SAM) in HP-UX B.11.00, B.11.11, B.11.22, and B.11.23 allows local users to gain privileges.

Published: December 23, 2004; 12:00:00 AM -05:00
V2: 4.6 MEDIUM
CVE-2004-1764

Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors.

Published: January 14, 2004; 12:00:00 AM -05:00
V2: 7.2 HIGH
CVE-2002-2138

RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when running HP-UX 11.00 or 11.11, allows remote attackers to cause a denial of service (panic) via a malformed UDP packet on port 139.

Published: December 31, 2002; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-2001-0772

Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges.

Published: October 18, 2001; 12:00:00 AM -04:00
V2: 4.6 MEDIUM
CVE-2001-0219

Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service.

Published: March 26, 2001; 12:00:00 AM -05:00
V2: 2.1 LOW