Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:hp:hp-ux:11.31:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2011-4160 |
Unspecified vulnerability in HP Operations Agent 11.00 and Performance Agent 4.73 and 5.0 on AIX, HP-UX, Linux, and Solaris allows local users to bypass intended directory-access restrictions via unknown vectors. Published: November 23, 2011; 11:01:06 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 3.2 LOW |
CVE-2011-0343 |
Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions (07777), which allows local users to read and write to these log files. Published: January 28, 2011; 11:00:03 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2010-1556 |
Unspecified vulnerability in HP Systems Insight Manager (SIM) 5.3, 5.3 Update 1, and 6.0 allows remote attackers to obtain sensitive information and modify data via unknown vectors. Published: May 14, 2010; 4:30:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 6.4 MEDIUM |
CVE-2009-4777 |
Unspecified vulnerability in multiple versions of Hitachi JP1/Automatic Job Management System 2 - View, JP1/Integrated Management - View, and JP1/Cm2/SNMP System Observer, allows remote attackers to cause a denial of service ("abnormal" termination) via vectors related to the display of an "invalid GIF file." Published: April 21, 2010; 10:30:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2010-0451 |
The installation process for NFS/ONCplus B.11.31_08 and earlier on HP HP-UX B.11.31 changes the NFS_SERVER setting in the nfsconf file, which might allow remote attackers to obtain filesystem access via NFS requests. Published: March 29, 2010; 6:30:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2008-4413 |
Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 and B.11.23, and SMH 2.2.6 and 2.2.8 and earlier on HP-UX B.11.23 and B.11.31, allows local users to gain "unauthorized access" via unknown vectors, possibly related to temporary file permissions. Published: November 04, 2008; 1:29:47 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.2 MEDIUM |
CVE-2008-1664 |
Unspecified vulnerability in libc on HP HP-UX B.11.23 and B.11.31 allows remote attackers to cause a denial of service via unknown vectors. Published: August 08, 2008; 3:41:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2008-3389 |
Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport. Published: August 05, 2008; 3:41:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2008-1660 |
Unspecified vulnerability in useradd on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unspecified vectors. Published: May 21, 2008; 9:24:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 6.3 MEDIUM |
CVE-2008-0713 |
Unspecified vulnerability in the FTP server for HP-UX B.11.11, B.11.23, and B.11.31 allows remote authenticated users to cause a denial of service (FTP server outage) via unknown attack vectors. Published: May 13, 2008; 4:20:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2008-1659 |
Unspecified vulnerability in HP LDAP-UX vB.04.10 through vB.04.15 allows local users to gain privileges via unknown vectors. Published: May 07, 2008; 8:20:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2008-0709 |
Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, 4.11, 4.12, 4.13, and 4.20 allow remote authenticated users to access other user accounts via unknown vectors, a different issue than CVE-2008-0214. Published: April 07, 2008; 1:44:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.5 MEDIUM |
CVE-2007-6425 |
Unspecified vulnerability in HP-UX B.11.31, when running ARPA Transport, allows remote attackers to cause a denial of service via unknown vectors. Published: January 23, 2008; 4:00:00 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2007-6419 |
Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. Published: December 24, 2007; 3:46:00 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2007-6232 |
Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action. Published: December 04, 2007; 1:46:00 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2007-5536 |
Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors. Published: October 17, 2007; 8:17:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2007-5302 |
Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: October 09, 2007; 2:17:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2007-5008 |
The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected. Published: September 20, 2007; 5:17:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.0 HIGH |
CVE-2007-4938 |
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value. Published: September 18, 2007; 3:17:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.6 HIGH |
CVE-2007-4590 |
The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors. Published: August 28, 2007; 9:17:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 3.3 LOW |