11.23 : Security Vulnerabilities

Cpe Name:cpe:/o:hp:hp-ux:11.23

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : Cve Number Descending Cve Number Ascending CVSS Score Descending Number Of Exploits Descending

Copy Results Download Results Select Table

#	CVE ID	CWE ID	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
1	CVE-2012-0126		+Info	2012-03-28	2012-06-27	5.8	None	Remote	Medium	Not required	Partial	Partial	None
Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.11 and 11.23 allows remote attackers to obtain access to diagnostic information via unknown vectors, a related issue to CVE-2012-0125.
2	CVE-2008-1664		DoS	2008-08-08	2009-03-04	7.8	None	Remote	Low	Not required	None	None	Complete
Unspecified vulnerability in libc on HP HP-UX B.11.23 and B.11.31 allows remote attackers to cause a denial of service via unknown vectors.
3	CVE-2008-1660			2008-05-21	2009-03-04	6.3	None	Local	Medium	Not required	Complete	Complete	None
Unspecified vulnerability in useradd on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unspecified vectors.
4	CVE-2008-0713		DoS	2008-05-13	2009-03-04	6.8	None	Remote	Low	Single system	None	None	Complete
Unspecified vulnerability in the FTP server for HP-UX B.11.11, B.11.23, and B.11.31 allows remote authenticated users to cause a denial of service (FTP server outage) via unknown attack vectors.
5	CVE-2007-6419		DoS	2007-12-24	2009-03-04	7.8	None	Remote	Low	Not required	None	None	Complete
Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
6	CVE-2007-6195	119	DoS Exec Code Overflow	2007-12-14	2011-05-13	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arbitrary code or cause a denial of service via malformed arguments in an opcode 0x04 DCE RPC request.
7	CVE-2007-5302	79	XSS	2007-10-09	2011-09-13	4.3	None	Remote	Medium	Not required	None	Partial	None
Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
8	CVE-2007-5008	287		2007-09-20	2011-06-20	9.0	None	Remote	Low	Single system	Complete	Complete	Complete
The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected.
9	CVE-2007-4590			2007-08-28	2009-03-04	3.3	None	Local	Medium	Not required	None	Partial	Partial
The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors.
10	CVE-2007-4125		DoS	2007-08-01	2009-03-04	7.1	None	Remote	Medium	Not required	None	None	Complete
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause an unspecified denial of service via unknown vectors.
11	CVE-2007-0916		DoS	2007-02-13	2011-04-06	4.9	None	Local	Low	Not required	None	None	Complete
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
12	CVE-2005-1192		DoS	2005-05-02	2008-09-10	5.0	None	Remote	Low	Not required	None	None	Partial
Unknown vulnerability in HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23, when running TCP/IP on IPv4, allows remote attackers to cause a denial of service via certain packets, related to the PMTU, a different vulnerability than CVE-2004-1060.
13	CVE-2004-1332		Exec Code Overflow	2004-12-31	2009-03-04	7.5	User	Remote	Low	Not required	Partial	Partial	Partial
Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.
14	CVE-2004-0112		DoS	2004-11-23	2010-08-21	5.0	None	Remote	Low	Not required	None	None	Partial
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
15	CVE-2004-0081		DoS	2004-11-23	2010-08-21	5.0	None	Remote	Low	Not required	None	None	Partial
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
16	CVE-2004-0079		DoS	2004-11-23	2010-08-21	5.0	None	Remote	Low	Not required	None	None	Partial
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
17	CVE-2003-0951		+Priv	2003-12-15	2009-03-04	7.5	User	Remote	Low	Not required	Partial	Partial	Partial
Partition Manager (parmgr) in HP-UX B.11.23 does not properly validate certificates that are provided by the cimserver, which allows attackers to obtain sensitive data or gain privileges.

Total number of vulnerabilities : 17 Page : 1 (This Page)