| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Unspecified vulnerability in HP PSC 1210 All-in-One Drivers before 1.0.06 has unknown impact and attack vectors. |
| Unspecified vulnerability in HP-UX B.11.00 to B.11.23, when IPSEC is running, allows remote attackers to have unknown impact. |
| Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating System (VVOS) 4.0 and 4.5 allows attackers to elevate privileges. |
| Unknown vulnerability in the login page for HP Systems Insight Manager (SIM) 4.0 and 4.1, when accessed by Microsoft Internet Explorer with the MS04-025 patch, leads to a denial of service (browser hang). NOTE: although the advisory is vague, this issue does not appear to involve an attacker at all. If not, then this issue is not a vulnerability. |
| Unspecified vulnerability in xterm for HP-UX 11.00, 11.11, and 11.23 allows local users to gain privileges via unknown vectors. |
| kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create arbitrary world-writeable files via a symlink attack on the (1) /tmp/.kmmodreg_lock and (2) /tmp/kmpath.tmp temporary files. |
| movemail in HP-UX 10.20 has insecure permissions, which allows local users to gain privileges. |
| Local users can gain privileges using the debug utility in the MPE/iX operating system. |
| Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access. |
| Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in HP HP-UX B.11.00, B.11.11, and B.11.23 running IPSec, HP Jetdirect 635n IPv6/IPsec Print Server, and HP Tru64 UNIX 5.1B-3 and 5.1B-2/PK4, allow remote attackers to cause a denial of service via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the HP advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. |
| Unknown vulnerability in remshd daemon in HP-UX B.11.00, B.11.11, and B.11.23 while running in "Trusted Mode" allows remote attackers to gain unauthorized system access via unknown attack vectors. |
| Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. |
| envd daemon in HP-UX B.11.00 through B.11.11 allows local users to obtain privileges via unknown attack vectors. |
| Unspecified vulnerability in HP OpenVMS Integrity 8.2-1 and 8.2, and OpenVMS Alpha 7.3-2 and 8.2, allows local users to cause a denial of service. |
| RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option. |
| Vulnerability in Support Watch (aka SupportWatch) in HP-UX 8.0 through 9.0 allows local users to gain privileges. |
| The FTP server in HP-UX 10.20, B.11.00, and B.11.11, allows remote attackers to list arbitrary directories as root by running the LIST command before logging in. |
| Unspecified vulnerability in HP-UX B.11.23 on Itanium platforms allows local users to cause a denial of service due to a "specific stack size." |
| Vulnerability in login in HP-UX 11.00, 11.11, and 10.20 allows restricted shell users to bypass certain security checks and gain privileges. |
| The LPD service in HP-UX 10.20 11.11 (11i) and earlier allows remote attackers to execute arbitrary code via shell metacharacters ("`" or single backquote) in a request that is not properly handled when an error occurs, as demonstrated by killing the connection, a different vulnerability than CVE-2002-1473. |
