HP : Security Vulnerabilities, CVEs, (Overflow)

Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).

MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook.

Buffer overflow in NIS+, in Sun's rpc.nisd program.

Local user gains root privileges via buffer overflow in rdist, via expstr() function.

Buffer overflow in xlock program allows local users to execute commands as root.

Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.

Buffer overflow of rlogin program using TERM environmental variable.

Buffer overflow in HP-UX newgrp program.

Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.

buffer overflow in HP xlock program.

Buffer overflow in HP-UX cstm program allows local users to gain root privileges.

Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.

Buffer overflow in mstm in HP-UX allows local users to gain root access.

Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.

Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).

Buffer overflow in HPUX passwd command allows local users to gain root privileges via a command line option.

Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows local users to gain privileges via a long command line argument.

Buffer overflow in HP Openview Network Node Manager 6.1 allows remote attackers to execute arbitrary commands via the Alarm service (OVALARMSRV) on port 2345.

Buffer overflow in bdf program in HP-UX 11.00 may allow local users to gain root privileges via a long -t option.

Buffer overflow in cu program in HP-UX 11.0 may allow local users to gain privileges via a long -l command line argument.

Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option.

Buffer overflow in OverView5 CGI program in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, in the SNMP service (snmp.exe), aka the "Java SNMP MIB Browser Object ID parsing problem."

Buffer overflow in the FTP service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service.

Buffer overflow in the Telnet service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service.

Buffer overflow in the LPD service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service.