Vulnerabilities > HP > HP UX
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-02-09 | CVE-2004-0965 | Local Privilege Escalation vulnerability in HP-UX STMKFONT stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs. | 7.2 |
| 2005-02-09 | CVE-2004-0940 | Incorrect Calculation of Buffer Size vulnerability in multiple products Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. | 7.8 |
| 2004-12-31 | CVE-2004-2753 | Local Insecure File Access vulnerability in HP SharedX Unspecified vulnerability in SharedX in HP-UX B.11.00, B.11.11, and B.11.22 allows local users to access unspecified files or cause a denial of service via unknown vectors related to handling of "files in a potentially insecure manner." | 5.6 |
| 2004-12-31 | CVE-2004-2693 | Permissions, Privileges, and Access Controls vulnerability in HP Hp-Ux 11.00/11.04/11.11 HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installed uses insecure directory permissions, which allows local users to gain privileges via files in /opt/gnome/src/GLib/. | 7.2 |
| 2004-12-31 | CVE-2004-2665 | Denial-Of-Service vulnerability in HP Hp-Ux 11.00/11.11/11.4 Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.00, B.11.04, and B.11.11 before 20040628 allows local users to cause a denial of service via unspecified vectors. | 4.9 |
| 2004-12-31 | CVE-2004-1332 | Buffer Overflow vulnerability in HP HP-UX FTP Server Debug Logging Mode Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request. | 7.5 |
| 2004-12-31 | CVE-2004-1328 | Newgrp Local Privilege Escalation vulnerability in HP Hp-Ux 11.00/11.11/11.4 Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges. | 7.2 |
| 2004-12-31 | CVE-2004-0952 | Unspecified vulnerability in HP Hp-Ux HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption. | 6.4 |
| 2004-12-31 | CVE-2004-0826 | Remote Heap Overflow vulnerability in Mozilla Network Security Services Library Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. | 7.5 |
| 2004-12-23 | CVE-2004-1375 | Privilege Escalation vulnerability in HP-UX System Administration Manager Unknown vulnerability in System Administration Manager (SAM) in HP-UX B.11.00, B.11.11, B.11.22, and B.11.23 allows local users to gain privileges. | 4.6 |