| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2003-1495 |
264 |
|
DoS +Priv |
2003-12-31 |
2008-09-05 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in the non-SSL web agent in various HP Management Agent products allows local users or remote attackers to gain privileges or cause a denial of service via unknown attack vectors. |
|
2 |
CVE-2003-1494 |
399 |
|
DoS |
2003-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (CPU consumption) via a crafted TCP packet. |
|
3 |
CVE-2003-1493 |
|
|
DoS |
2003-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Memory leak in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (memory exhaustion) via crafted TCP packets. |
|
4 |
CVE-2003-1356 |
264 |
|
DoS |
2003-12-31 |
2009-03-04 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors. |
|
5 |
CVE-2003-1099 |
|
|
DoS Exec Code |
2003-12-31 |
2009-03-04 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
shar on HP-UX B.11.00, B.11.04, and B.11.11 creates temporary files with predictable names in /tmp, which allows local users to cause a denial of service and possibly execute arbitrary code via a symlink attack. |
|
6 |
CVE-2003-1087 |
|
|
DoS |
2003-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unknown vulnerability in diagmond and possibly other applications in HP9000 Series 700/800 running HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows remote attackers to cause a denial of service (program failure) via certain network traffic. |
|
7 |
CVE-2003-0746 |
|
|
DoS |
2003-10-20 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Various Distributed Computing Environment (DCE) implementations, including HP OpenView, allow remote attackers to cause a denial of service (process hang or termination) via certain malformed inputs, as triggered by attempted exploits against the vulnerabilities CVE-2003-0352 or CVE-2003-0605, such as the Blaster/MSblast/LovSAN worm. |
|
8 |
CVE-2003-0196 |
|
|
DoS Exec Code Overflow |
2003-05-05 |
2008-09-10 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. |
|
9 |
CVE-2003-0169 |
|
|
DoS |
2003-04-11 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools before 5.55 allows remote attackers to cause a denial of service (CPU consumption) via a request to hpnst.exe that calls itself, which causes an infinite loop. |
|
10 |
CVE-2003-0161 |
|
|
DoS Exec Code Overflow |
2003-04-02 |
2010-05-25 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. |
|
11 |
CVE-2002-1475 |
|
|
DoS |
2003-04-22 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unknown vulnerability in the ARP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to "take over packets destined for another host" and cause a denial of service. |
|
12 |
CVE-2002-1474 |
|
|
DoS |
2003-04-22 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unknown vulnerability or vulnerabilities in TCP/IP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to cause a denial of service. |
|
13 |
CVE-2002-1473 |
|
|
DoS Exec Code Overflow |
2003-04-22 |
2008-09-05 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code. |
|
14 |
CVE-2002-1426 |
|
|
DoS Overflow |
2003-04-11 |
2008-09-05 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow. |
|
15 |
CVE-2002-1409 |
|
|
DoS |
2003-04-11 |
2009-03-04 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
ptrace on HP-UX 11.00 through 11.11 allows local users to cause a denial of service (data page fault panic) via "an incorrect reference to thread register state." |
