| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Information from SSL-encrypted sessions via PKCS #1. |
| Various Distributed Computing Environment (DCE) implementations, including HP OpenView, allow remote attackers to cause a denial of service (process hang or termination) via certain malformed inputs, as triggered by attempted exploits against the vulnerabilities CVE-2003-0352 or CVE-2003-0605, such as the Blaster/MSblast/LovSAN worm. |
| Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS sr10.2 and sr10.3 beta, related to the Korn Shell (ksh). |
| A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. |
| Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service. |
| HP Remote Watch allows a remote user to gain root access. |
| HP-UX gwind program allows users to modify arbitrary files. |
| HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow. |
| HP ypbind allows attackers with root privileges to modify NIS data. |
| HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creation. |
| Unknown vulnerability in HP NonStop Server D40.00 through D48.03, and G01.00 through G06.20, allows local users to gain additional privileges. |
| Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 (VVOS) Virtualvault 4.0, 4.5, and 4.6 may allow attackers to obtain access to system files. |
| Unspecified vulnerability in swagentd in HP-UX B.11.00, B.11.04, and B.11.11 allows remote attackers to cause a denial of service (application crash) via unspecified vectors. |
| hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools before 5.55 allows remote attackers to cause a denial of service (CPU consumption) via a request to hpnst.exe that calls itself, which causes an infinite loop. |
| Support Tools Manager (STM) A.22.00 for HP-UX allows local users to overwrite arbitrary files via a symlink attack on the tool_stat.txt log file. |
| Unknown vulnerability or vulnerabilities in TCP/IP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to cause a denial of service. |
| /sbin/passwd in HP-UX B.11.00, B.11.11, and B.11.23 before 20060326 "does not recover gracefully from some error conditions," which allows local users to cause a denial of service. |
| dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts. |
| The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. |
| The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. |
