HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6.
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-06-16
Updated
2023-06-29
ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.
Max CVSS
5.9
EPSS Score
93.44%
Published
2016-07-19
Updated
2020-08-25

CVE-2015-4000

Public exploit
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
Max CVSS
4.3
EPSS Score
97.46%
Published
2015-05-21
Updated
2023-02-09
Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors.
Max CVSS
4.9
EPSS Score
0.04%
Published
2014-10-30
Updated
2017-09-08
Unspecified vulnerability in rpc.lockd in the NFS subsystem in HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service via unknown vectors.
Max CVSS
4.3
EPSS Score
0.31%
Published
2014-03-14
Updated
2019-10-09
Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.11 and 11.23 allows remote attackers to obtain access to diagnostic information via unknown vectors, a related issue to CVE-2012-0125.
Max CVSS
5.8
EPSS Score
2.82%
Published
2012-03-28
Updated
2017-12-06
Unspecified vulnerability in the OS-Core.CORE2-KRN fileset in HP HP-UX B.11.23 and B.11.31 allows local users to cause a denial of service via unknown vectors.
Max CVSS
4.4
EPSS Score
0.04%
Published
2011-04-04
Updated
2011-04-21
Unspecified vulnerability in HP HP-UX B.11.11 allows local users to cause a denial of service via unknown vectors.
Max CVSS
4.9
EPSS Score
0.04%
Published
2010-04-21
Updated
2017-09-19
Unspecified vulnerability in HP-UX B.11.31, with AudFilter rules enabled, allows local users to cause a denial of service via unknown vectors.
Max CVSS
4.4
EPSS Score
0.04%
Published
2010-03-31
Updated
2017-09-19
The installation process for NFS/ONCplus B.11.31_08 and earlier on HP HP-UX B.11.31 changes the NFS_SERVER setting in the nfsconf file, which might allow remote attackers to obtain filesystem access via NFS requests.
Max CVSS
4.0
EPSS Score
0.50%
Published
2010-03-29
Updated
2017-09-19
Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors.
Max CVSS
4.6
EPSS Score
0.04%
Published
2008-12-05
Updated
2017-09-29
Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors.
Max CVSS
4.9
EPSS Score
0.04%
Published
2007-10-18
Updated
2022-10-24
Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.18%
Published
2007-10-09
Updated
2017-09-29
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.00 allows local users to cause a denial of service via unknown vectors. NOTE: due to lack of vendor details, it is not clear whether this is the same as CVE-2007-0916.
Max CVSS
4.9
EPSS Score
0.04%
Published
2007-04-12
Updated
2017-10-11
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
Max CVSS
4.9
EPSS Score
0.04%
Published
2007-02-14
Updated
2017-10-11
HP HP-UX B11.11 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572.
Max CVSS
4.6
EPSS Score
0.04%
Published
2007-01-19
Updated
2018-10-16
Stack-based buffer overflow in the (1) swpackage and (2) swmodify commands in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long -S argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain.
Max CVSS
4.6
EPSS Score
0.04%
Published
2006-10-27
Updated
2017-10-19
Buffer overflow in the localtime_r function, and certain other functions, in libc in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long TZ environment variable.
Max CVSS
4.6
EPSS Score
0.04%
Published
2006-10-27
Updated
2017-10-19
Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.
Max CVSS
4.6
EPSS Score
0.06%
Published
2006-10-23
Updated
2018-10-17
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.11 and B.11.23 before 20060912 allows local users to cause a denial of service via unspecified vectors.
Max CVSS
4.6
EPSS Score
0.06%
Published
2006-09-14
Updated
2018-10-17
Unspecified vulnerability in the LP subsystem in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via unknown vectors.
Max CVSS
5.0
EPSS Score
4.49%
Published
2006-08-17
Updated
2017-10-11
Unspecified vulnerability in the kernel in HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
Max CVSS
4.9
EPSS Score
0.06%
Published
2006-06-23
Updated
2018-10-18
Unspecified vulnerability in Support Tools Manager (xstm, cstm, and stm) on HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
Max CVSS
4.9
EPSS Score
0.09%
Published
2006-06-20
Updated
2018-10-18
/sbin/passwd in HP-UX B.11.00, B.11.11, and B.11.23 before 20060326 "does not recover gracefully from some error conditions," which allows local users to cause a denial of service.
Max CVSS
4.9
EPSS Score
0.06%
Published
2006-03-30
Updated
2017-10-11
Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and B.11.23, when run with certain options that involve a new home directory, might cause usermod to change the ownership of all directories and files under the new directory, which might result in less secure permissions than intended.
Max CVSS
4.6
EPSS Score
0.06%
Published
2006-03-17
Updated
2017-10-11
91 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!