11.00

DATE	CVE	VULNERABILITY TITLE	RISK
2004-12-31	CVE-2004-1332	Buffer Overflow vulnerability in HP HP-UX FTP Server Debug Logging Mode Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request. network low complexity hp	7.5
2004-12-31	CVE-2004-1328	Newgrp Local Privilege Escalation vulnerability in HP Hp-Ux 11.00/11.11/11.4 Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges. local low complexity hp	7.2
2004-12-31	CVE-2004-0952	Unspecified vulnerability in HP Hp-Ux HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption. network low complexity hp	6.4
2004-12-31	CVE-2004-0826	Remote Heap Overflow vulnerability in Mozilla Network Security Services Library Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. network low complexity mozilla netscape sun hp	7.5
2004-12-23	CVE-2004-1375	Privilege Escalation vulnerability in HP-UX System Administration Manager Unknown vulnerability in System Administration Manager (SAM) in HP-UX B.11.00, B.11.11, B.11.22, and B.11.23 allows local users to gain privileges. local low complexity hp	4.6
2004-11-23	CVE-2004-0081	OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. network low complexity cisco symantec hp avaya freebsd openbsd redhat sco apple 4d checkpoint lite neoteris novell openssl sgi stonesoft vmware bluecoat securecomputing dell tarantella sun	5.0
2004-11-23	CVE-2004-0079	NULL Pointer Dereference vulnerability in multiple products The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. network low complexity cisco symantec hp avaya redhat freebsd openbsd apple sco 4d checkpoint dell lite neoteris novell openssl sgi stonesoft tarantella vmware bluecoat securecomputing sun CWE-476	7.5
2004-01-14	CVE-2004-1764	Local Security vulnerability in HP-UX Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors. local low complexity hp	7.2
2003-12-31	CVE-2003-1461	Buffer Errors vulnerability in HP Hp-Ux 11.00 Buffer overflow in rwrite for HP-UX 11.0 could allow local users to execute arbitrary code via a long argument. local low complexity hp CWE-119	7.2
2003-12-31	CVE-2003-1437	Unspecified vulnerability in BEA Weblogic Server 7.0/7.0.0.1 BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access. local low complexity hp ibm microsoft redhat sun bea	2.1