HP : Security Vulnerabilities, CVEs, Published In 2004 CVSS score >= 6
HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installed uses insecure directory permissions, which allows local users to gain privileges via files in /opt/gnome/src/GLib/.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-12-31
Updated
2017-10-11
The SSL HTTP Server in HP Web-enabled Management Software 5.0 through 5.92, with anonymous access enabled, allows remote attackers to compromise the trusted certificates by uploading their own certificates.
Max CVSS
7.5
EPSS Score
2.09%
Published
2004-12-31
Updated
2017-07-11
Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-01-14
Updated
2017-10-11
Unknown vulnerability in the management station in HP StorageWorks Command View XP 1.8B and earlier allows remote attackers to bypass access restrictions.
Max CVSS
7.5
EPSS Score
0.98%
Published
2004-12-31
Updated
2017-07-11
Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.
Max CVSS
7.5
EPSS Score
25.50%
Published
2004-12-31
Updated
2017-10-11
Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-12-31
Updated
2017-10-11
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
Max CVSS
7.5
EPSS Score
0.26%
Published
2004-02-03
Updated
2018-10-30
HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption.
Max CVSS
6.4
EPSS Score
4.02%
Published
2004-12-31
Updated
2017-10-11
The make_recovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote attackers to obtain sensitive information.
Max CVSS
7.5
EPSS Score
3.66%
Published
2004-12-31
Updated
2018-10-30
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
Max CVSS
7.5
EPSS Score
1.80%
Published
2004-12-31
Updated
2017-07-11
Buffer overflow in the DCE daemon (DCED) for the DCE endpoint mapper (epmap) on HP-UX 11 allows remote attackers to execute arbitrary code via a request with a small fragment length and a large amount of data.
Max CVSS
10.0
EPSS Score
4.30%
Published
2004-08-06
Updated
2008-10-24
HP OpenView Select Access 5.0 through 6.0 does not correctly decode UTF-8 encoded unicode characters in a URL, which could allow remote attackers to bypass access restrictions.
Max CVSS
7.5
EPSS Score
1.10%
Published
2004-07-27
Updated
2017-07-11
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
Max CVSS
10.0
EPSS Score
1.23%
Published
2004-08-06
Updated
2021-06-06
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
Max CVSS
7.5
EPSS Score
0.57%
Published
2004-11-23
Updated
2023-12-28
14 vulnerabilities found