HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6.
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-06-16
Updated
2023-06-29
ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.
Max CVSS
5.9
EPSS Score
93.44%
Published
2016-07-19
Updated
2020-08-25
Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.11 and 11.23 allows remote attackers to obtain access to diagnostic information via unknown vectors, a related issue to CVE-2012-0125.
Max CVSS
5.8
EPSS Score
2.82%
Published
2012-03-28
Updated
2017-12-06
Unspecified vulnerability in the LP subsystem in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via unknown vectors.
Max CVSS
5.0
EPSS Score
4.49%
Published
2006-08-17
Updated
2017-10-11
Unknown vulnerability in HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23, when running TCP/IP on IPv4, allows remote attackers to cause a denial of service via certain packets, related to the PMTU, a different vulnerability than CVE-2004-1060.
Max CVSS
5.0
EPSS Score
6.66%
Published
2005-05-02
Updated
2017-10-11
Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service.
Max CVSS
5.0
EPSS Score
1.22%
Published
2005-02-10
Updated
2017-10-11
Unspecified vulnerability in SharedX in HP-UX B.11.00, B.11.11, and B.11.22 allows local users to access unspecified files or cause a denial of service via unknown vectors related to handling of "files in a potentially insecure manner."
Max CVSS
5.6
EPSS Score
0.04%
Published
2004-12-31
Updated
2017-07-29
The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.
Max CVSS
5.0
EPSS Score
0.88%
Published
2004-09-16
Updated
2022-09-23
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.
Max CVSS
5.1
EPSS Score
61.34%
Published
2004-07-27
Updated
2024-02-15
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
Max CVSS
5.0
EPSS Score
0.25%
Published
2004-11-23
Updated
2024-02-15
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
Max CVSS
5.0
EPSS Score
0.26%
Published
2004-11-23
Updated
2021-11-08
Unknown vulnerability in diagmond and possibly other applications in HP9000 Series 700/800 running HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows remote attackers to cause a denial of service (program failure) via certain network traffic.
Max CVSS
5.0
EPSS Score
1.16%
Published
2003-12-31
Updated
2017-07-11
Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors.
Max CVSS
5.0
EPSS Score
1.08%
Published
2002-12-31
Updated
2017-10-11
RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when running HP-UX 11.00 or 11.11, allows remote attackers to cause a denial of service (panic) via a malformed UDP packet on port 139.
Max CVSS
5.0
EPSS Score
1.53%
Published
2002-12-31
Updated
2017-10-12
Unknown vulnerability in ndd for HP-UX 11.11 with certain TRANSPORT patches allows attackers to cause a denial of service.
Max CVSS
5.0
EPSS Score
0.28%
Published
2002-06-18
Updated
2017-10-11
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
Max CVSS
5.0
EPSS Score
1.18%
Published
2001-07-07
Updated
2018-10-30
rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to cause a denial of service (core dump) via a malformed RPC portmap requests, possibly related to a buffer overflow.
Max CVSS
5.0
EPSS Score
1.38%
Published
2001-10-01
Updated
2017-12-19
Vulnerability in inetd server in HP-UX 11.04 and earlier allows attackers to cause a denial of service when the "swait" state is used by a server.
Max CVSS
5.0
EPSS Score
0.12%
Published
2001-02-12
Updated
2017-10-10
HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates.
Max CVSS
5.5
EPSS Score
0.04%
Published
2000-12-19
Updated
2024-01-26
HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses.
Max CVSS
5.0
EPSS Score
0.23%
Published
2000-04-06
Updated
2008-09-10
The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the system to be used as a packet amplifier.
Max CVSS
5.0
EPSS Score
0.28%
Published
2000-01-24
Updated
2008-09-10
Vulnerability in telnet service in HP-UX 10.30 allows attackers to cause a denial of service.
Max CVSS
5.0
EPSS Score
0.12%
Published
1997-10-01
Updated
2017-12-19
Denial of service in HP-UX SharedX recserv program.
Max CVSS
5.0
EPSS Score
1.82%
Published
1998-09-03
Updated
2008-09-09
Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL.
Max CVSS
5.0
EPSS Score
0.15%
Published
1999-05-07
Updated
2008-09-09
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
Max CVSS
5.0
EPSS Score
14.31%
Published
1998-01-05
Updated
2022-08-17