CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

HP : Security Vulnerabilities Published In 2000 (Gain Privilege)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2000-1057 +Priv 2000-12-11 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Vulnerabilities in database configuration scripts in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows local users to gain privileges, possibly via insecure permissions.
2 CVE-2000-1028 Overflow +Priv 2000-12-11 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in cu program in HP-UX 11.0 may allow local users to gain privileges via a long -l command line argument.
3 CVE-2000-0966 Overflow +Priv 2000-12-19 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Buffer overflows in lpspooler in the fileset PrinterMgmt.LP-SPOOL of HP-UX 11.0 and earlier allows local users to gain privileges.
4 CVE-2000-0801 Overflow +Priv 2000-10-20 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in bdf program in HP-UX 11.00 may allow local users to gain root privileges via a long -t option.
5 CVE-2000-0755 +Priv 2000-10-20 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Vulnerability in the newgrp command in HP-UX 11.00 allows local users to gain privileges.
6 CVE-2000-0730 +Priv 2000-10-20 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Vulnerability in newgrp command in HP-UX 11.0 allows local users to gain privileges.
7 CVE-2000-0616 +Priv 2000-06-26 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
Vulnerability in HP TurboIMAGE DBUTIL allows local users to gain additional privileges via DBUTIL.PUB.SYS.
8 CVE-2000-0515 +Priv 2000-06-07 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX 11.0 is world writable, which allows local users to modify SNMP configuration or gain privileges.
9 CVE-2000-0414 +Priv 2000-05-04 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables.
10 CVE-2000-0159 +Priv 2000-02-17 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges.
11 CVE-2000-0083 DoS +Priv 2000-04-18 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges.
12 CVE-2000-0078 +Priv 2000-01-02 2009-03-04
7.2
Admin Local Low Not required Complete Complete Complete
The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command.
13 CVE-2000-0077 +Priv 2000-01-02 2009-03-04
7.2
Admin Local Low Not required Complete Complete Complete
The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands.
14 CVE-1999-0693 Overflow +Priv 2000-03-02 2008-09-09
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.
15 CVE-1999-0307 Overflow +Priv 2000-12-20 2008-09-09
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in HP-UX cstm program allows local users to gain root privileges.
Total number of vulnerabilities : 15   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.