Hp Hp-Ux vulnerabilities

CVE-2001-0311 [MEDIUM] CVE-2001-0311: Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized acc Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client.

CVE-2001-0551 [HIGH] CVE-2001-0551: Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users to execute arbitrary code by co Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users to execute arbitrary code by copying text from the clipboard into the Help window.

CVE-2001-0266 [HIGH] CVE-2001-0266: Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier allows local users to gain pri Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier allows local users to gain privileges.

CVE-2001-0219 [LOW] CVE-2001-0219: Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service.

CVE-2001-1439 [LOW] CVE-2001-1439: Buffer overflow in the text editor functionality in HP-UX 10.01 through 11.04 on HP9000 Series 700 a Buffer overflow in the text editor functionality in HP-UX 10.01 through 11.04 on HP9000 Series 700 and Series 800 allows local users to cause a denial of service ("system availability") via text editors such as (1) e, (2) ex, (3) vi, (4) edit, (5) view, and (6) vedit.

CVE-2001-0085 [HIGH] CVE-2001-0085: Buffer overflow in Kermit communications software in HP-UX 11.0 and earlier allows local users to ca Buffer overflow in Kermit communications software in HP-UX 11.0 and earlier allows local users to cause a denial of service and possibly execute arbitrary commands.

CVE-2001-0106 [MEDIUM] CVE-2001-0106: Vulnerability in inetd server in HP-UX 11.04 and earlier allows attackers to cause a denial of servi Vulnerability in inetd server in HP-UX 11.04 and earlier allows attackers to cause a denial of service when the "swait" state is used by a server.

CVE-2001-0105 [LOW] CVE-2001-0105: Vulnerability in top in HP-UX 11.04 and earlier allows local users to overwrite files owned by the " Vulnerability in top in HP-UX 11.04 and earlier allows local users to overwrite files owned by the "sys" group.

CVE-2000-1126 [CRITICAL] CVE-2000-1126: Vulnerability in auto_parms and set_parms in HP-UX 11.00 and earlier allows remote attackers to exec Vulnerability in auto_parms and set_parms in HP-UX 11.00 and earlier allows remote attackers to execute arbitrary commands or cause a denial of service.

CVE-2000-1134 [HIGH] CVE-2000-1134: Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.

CVE-2000-1127 [LOW] CVE-2000-1127: registrar in the HP resource monitor service allows local users to read and modify arbitrary files b registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to which registrar appends log information and sets the permissions to be world readable.

CVE-1999-0307 [HIGH] CVE-1999-0307: Buffer overflow in HP-UX cstm program allows local users to gain root privileges. Buffer overflow in HP-UX cstm program allows local users to gain root privileges.

CVE-2000-0966 [MEDIUM] CVE-2000-0966: Buffer overflows in lpspooler in the fileset PrinterMgmt.LP-SPOOL of HP-UX 11.0 and earlier allows l Buffer overflows in lpspooler in the fileset PrinterMgmt.LP-SPOOL of HP-UX 11.0 and earlier allows local users to gain privileges.

CVE-2000-0972 [MEDIUM] CWE-59 CVE-2000-0972: HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symli HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates.

CVE-2000-1028 [HIGH] CVE-2000-1028: Buffer overflow in cu program in HP-UX 11.0 may allow local users to gain privileges via a long -l c Buffer overflow in cu program in HP-UX 11.0 may allow local users to gain privileges via a long -l command line argument.

CVE-2000-1031 [MEDIUM] CVE-2000-1031: Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to ex Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option.

CVE-2000-0699 [CRITICAL] CVE-2000-0699: Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of serv Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command.

CVE-2000-0702 [HIGH] CVE-2000-0702: The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file.

CVE-2000-0801 [HIGH] CVE-2000-0801: Buffer overflow in bdf program in HP-UX 11.00 may allow local users to gain root privileges via a lo Buffer overflow in bdf program in HP-UX 11.00 may allow local users to gain root privileges via a long -t option.

CVE-2000-0730 [MEDIUM] CVE-2000-0730: Vulnerability in newgrp command in HP-UX 11.0 allows local users to gain privileges. Vulnerability in newgrp command in HP-UX 11.0 allows local users to gain privileges.