Vulnerabilities > HP > HP UX > 11.00
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-12-31 | CVE-2003-1375 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in HP Hp-Ux Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument. | 7.2 |
2003-12-31 | CVE-2003-1362 | Configuration vulnerability in HP Bastille B.02.00.05 Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases. | 7.8 |
2003-12-31 | CVE-2003-1359 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument. | 7.2 |
2003-12-31 | CVE-2003-1358 | Permissions, Privileges, and Access Controls vulnerability in HP Hp-Ux rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program. | 7.2 |
2003-12-31 | CVE-2003-1356 | Permissions, Privileges, and Access Controls vulnerability in HP Hp-Ux The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors. | 7.2 |
2003-12-31 | CVE-2003-1099 | shar on HP-UX B.11.00, B.11.04, and B.11.11 creates temporary files with predictable names in /tmp, which allows local users to cause a denial of service and possibly execute arbitrary code via a symlink attack. | 2.1 |
2003-12-31 | CVE-2003-1097 | Remote Username Flag Local Buffer Overrun vulnerability in HP-UX RExec Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option. | 7.2 |
2003-12-31 | CVE-2003-1087 | Network Traffic Denial Of Service vulnerability in HP-UX Unknown vulnerability in diagmond and possibly other applications in HP9000 Series 700/800 running HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows remote attackers to cause a denial of service (program failure) via certain network traffic. | 5.0 |
2003-12-15 | CVE-2003-0914 | ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. | 4.3 |
2003-12-15 | CVE-2003-0089 | Local Buffer Overrun vulnerability in HP-UX Software Distributor Lang Environment Variable Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify. | 7.2 |