Hp Hp-Ux vulnerabilities

CVE-2005-3277 [CRITICAL] CVE-2005-3277: The LPD service in HP-UX 10.20 11.11 (11i) and earlier allows remote attackers to execute arbitrary The LPD service in HP-UX 10.20 11.11 (11i) and earlier allows remote attackers to execute arbitrary code via shell metacharacters ("`" or single backquote) in a request that is not properly handled when an error occurs, as demonstrated by killing the connection, a different vulnerability than CVE-2002-1473.

CVE-2005-2993 [LOW] CVE-2005-2993: Unspecified vulnerability in the FTP Daemon (ftpd) for HP Tru64 UNIX 4.0F PK8 and other versions up Unspecified vulnerability in the FTP Daemon (ftpd) for HP Tru64 UNIX 4.0F PK8 and other versions up to HP Tru64 UNIX 5.1B-3, and HP-UX B.11.00, B.11.04, B.11.11, and B.11.23, allows remote authenticated users to cause a denial of service (hang).

CVE-2005-1192 [MEDIUM] CVE-2005-1192: Unknown vulnerability in HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23, when running TCP/IP Unknown vulnerability in HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23, when running TCP/IP on IPv4, allows remote attackers to cause a denial of service via certain packets, related to the PMTU, a different vulnerability than CVE-2004-1060.

CVE-2004-1029 [CRITICAL] CWE-264 CVE-2004-1029: The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.

CVE-2005-0547 [MEDIUM] CVE-2005-0547: Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23 allows remote Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23 allows remote authenticated users to gain "unauthorized access to files."

CVE-2005-0364 [MEDIUM] CVE-2005-0364: Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers t Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service.

CVE-2004-0940 [HIGH] CWE-131 CVE-2004-0940: Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.

CVE-2004-0965 [HIGH] CVE-2004-0965: stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain c stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs.

CVE-2004-2693 [HIGH] CWE-264 CVE-2004-2693: HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installed uses insecure directory perm HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installed uses insecure directory permissions, which allows local users to gain privileges via files in /opt/gnome/src/GLib/.

CVE-2004-1328 [HIGH] CVE-2004-1328: Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain el Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges.

CVE-2004-1332 [HIGH] CVE-2004-1332: Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, a Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.

CVE-2004-0826 [HIGH] CVE-2004-0826: Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attacke Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.

CVE-2004-0952 [MEDIUM] CVE-2004-0952: HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes t HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption.

CVE-2004-2665 [MEDIUM] CVE-2004-2665: Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP- Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.00, B.11.04, and B.11.11 before 20040628 allows local users to cause a denial of service via unspecified vectors.

CVE-2004-2753 [MEDIUM] CVE-2004-2753: Unspecified vulnerability in SharedX in HP-UX B.11.00, B.11.11, and B.11.22 allows local users to ac Unspecified vulnerability in SharedX in HP-UX B.11.00, B.11.11, and B.11.22 allows local users to access unspecified files or cause a denial of service via unknown vectors related to handling of "files in a potentially insecure manner."

CVE-2004-1375 [MEDIUM] CVE-2004-1375: Unknown vulnerability in System Administration Manager (SAM) in HP-UX B.11.00, B.11.11, B.11.22, and Unknown vulnerability in System Administration Manager (SAM) in HP-UX B.11.00, B.11.11, B.11.22, and B.11.23 allows local users to gain privileges.

CVE-2004-0079 [HIGH] CWE-476 CVE-2004-0079: The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

CVE-2004-0081 [MEDIUM] CVE-2004-0081: OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote atta OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

CVE-2004-0112 [MEDIUM] CWE-125 CVE-2004-0112: The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.

CVE-2004-0809 [MEDIUM] CVE-2004-0809: The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.