HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6.
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-06-16
Updated
2023-06-29
ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.
Max CVSS
5.9
EPSS Score
93.44%
Published
2016-07-19
Updated
2020-08-25
Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.11 and 11.23 allows remote attackers to obtain access to diagnostic information via unknown vectors, a related issue to CVE-2012-0125.
Max CVSS
5.8
EPSS Score
2.82%
Published
2012-03-28
Updated
2017-12-06
Unspecified vulnerability in the LP subsystem in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via unknown vectors.
Max CVSS
5.0
EPSS Score
4.49%
Published
2006-08-17
Updated
2017-10-11
Unknown vulnerability in HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23, when running TCP/IP on IPv4, allows remote attackers to cause a denial of service via certain packets, related to the PMTU, a different vulnerability than CVE-2004-1060.
Max CVSS
5.0
EPSS Score
6.66%
Published
2005-05-02
Updated
2017-10-11
Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service.
Max CVSS
5.0
EPSS Score
1.22%
Published
2005-02-10
Updated
2017-10-11
Unspecified vulnerability in SharedX in HP-UX B.11.00, B.11.11, and B.11.22 allows local users to access unspecified files or cause a denial of service via unknown vectors related to handling of "files in a potentially insecure manner."
Max CVSS
5.6
EPSS Score
0.04%
Published
2004-12-31
Updated
2017-07-29
The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.
Max CVSS
5.0
EPSS Score
0.88%
Published
2004-09-16
Updated
2022-09-23
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.
Max CVSS
5.1
EPSS Score
61.34%
Published
2004-07-27
Updated
2024-02-15
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
Max CVSS
5.0
EPSS Score
0.25%
Published
2004-11-23
Updated
2024-02-15
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
Max CVSS
5.0
EPSS Score
0.26%
Published
2004-11-23
Updated
2021-11-08
Unknown vulnerability in diagmond and possibly other applications in HP9000 Series 700/800 running HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows remote attackers to cause a denial of service (program failure) via certain network traffic.
Max CVSS
5.0
EPSS Score
1.16%
Published
2003-12-31
Updated
2017-07-11
Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors.
Max CVSS
5.0
EPSS Score
1.08%
Published
2002-12-31
Updated
2017-10-11
RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when running HP-UX 11.00 or 11.11, allows remote attackers to cause a denial of service (panic) via a malformed UDP packet on port 139.
Max CVSS
5.0
EPSS Score
1.53%
Published
2002-12-31
Updated
2017-10-12
Unknown vulnerability in ndd for HP-UX 11.11 with certain TRANSPORT patches allows attackers to cause a denial of service.
Max CVSS
5.0
EPSS Score
0.28%
Published
2002-06-18
Updated
2017-10-11
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
Max CVSS
5.0
EPSS Score
1.18%
Published
2001-07-07
Updated
2018-10-30
rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to cause a denial of service (core dump) via a malformed RPC portmap requests, possibly related to a buffer overflow.
Max CVSS
5.0
EPSS Score
1.38%
Published
2001-10-01
Updated
2017-12-19
Vulnerability in inetd server in HP-UX 11.04 and earlier allows attackers to cause a denial of service when the "swait" state is used by a server.
Max CVSS
5.0
EPSS Score
0.12%
Published
2001-02-12
Updated
2017-10-10
HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates.
Max CVSS
5.5
EPSS Score
0.04%
Published
2000-12-19
Updated
2024-01-26
HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses.
Max CVSS
5.0
EPSS Score
0.23%
Published
2000-04-06
Updated
2008-09-10
The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the system to be used as a packet amplifier.
Max CVSS
5.0
EPSS Score
0.28%
Published
2000-01-24
Updated
2008-09-10
Vulnerability in telnet service in HP-UX 10.30 allows attackers to cause a denial of service.
Max CVSS
5.0
EPSS Score
0.12%
Published
1997-10-01
Updated
2017-12-19
Denial of service in HP-UX SharedX recserv program.
Max CVSS
5.0
EPSS Score
1.82%
Published
1998-09-03
Updated
2008-09-09
Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL.
Max CVSS
5.0
EPSS Score
0.15%
Published
1999-05-07
Updated
2008-09-09
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
Max CVSS
5.0
EPSS Score
14.31%
Published
1998-01-05
Updated
2022-08-17
31 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!