High

DATE	CVE	VULNERABILITY TITLE	RISK
2004-12-31	CVE-2004-0951	Unspecified vulnerability in HP Ignite-Ux C.6.2.241 The make_recovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote attackers to obtain sensitive information. network low complexity hp	7.5
2004-12-31	CVE-2004-0826	Remote Heap Overflow vulnerability in Mozilla Network Security Services Library Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. network low complexity mozilla netscape sun hp	7.5
2004-11-23	CVE-2004-0079	NULL Pointer Dereference vulnerability in multiple products The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. network low complexity cisco symantec hp avaya redhat freebsd openbsd apple sco 4d checkpoint dell lite neoteris novell openssl sgi stonesoft tarantella vmware bluecoat securecomputing sun CWE-476	7.5
2004-07-27	CVE-2004-0709	Remote Access vulnerability in HP OpenView Select Access Unicode HP OpenView Select Access 5.0 through 6.0 does not correctly decode UTF-8 encoded unicode characters in a URL, which could allow remote attackers to bypass access restrictions. network low complexity hp	7.5
2004-02-03	CVE-2004-1082	mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. network low complexity apache apple avaya hp ibm openbsd sco sun	7.5
2004-01-14	CVE-2004-1764	Local Security vulnerability in HP-UX Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors. local low complexity hp	7.2
2003-12-31	CVE-2003-1461	Buffer Errors vulnerability in HP Hp-Ux 11.00 Buffer overflow in rwrite for HP-UX 11.0 could allow local users to execute arbitrary code via a long argument. local low complexity hp CWE-119	7.2
2003-12-31	CVE-2003-1375	Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in HP Hp-Ux Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument. local low complexity hp CWE-119	7.2
2003-12-31	CVE-2003-1362	Configuration vulnerability in HP Bastille B.02.00.05 Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases. network low complexity hp CWE-16	7.8
2003-12-31	CVE-2003-1360	Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in HP Hp-Ux Buffer overflow in the setupterm function of (1) lanadmin and (2) landiag programs of HP-UX 10.0 through 10.34 allows local users to execute arbitrary code via a long TERM environment variable. local low complexity hp CWE-119	7.2