cpe:2.3:o:hp:hp-ux:11.23:*:ia64_64-bit:*:*:*:*:*
Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arbitrary code or cause a denial of service via malformed arguments in an opcode 0x04 DCE RPC request.
Max CVSS
10.0
EPSS Score
49.46%
Published
2007-12-15
Updated
2018-10-15
The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected.
Max CVSS
9.0
EPSS Score
0.53%
Published
2007-09-20
Updated
2017-09-29
Format string vulnerability in the swask command in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via format string specifiers in the -s argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain.
Max CVSS
10.0
EPSS Score
0.24%
Published
2006-10-27
Updated
2017-10-19
Unspecified vulnerability in HP Ignite-UX server before C.6.9.150 for HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to "gain root access" via unspecified vectors.
Max CVSS
10.0
EPSS Score
2.34%
Published
2006-10-05
Updated
2018-10-17
Unspecified vulnerability in HP-UX B.11.00 to B.11.23, when IPSEC is running, allows remote attackers to have unknown impact.
Max CVSS
10.0
EPSS Score
1.92%
Published
2005-12-08
Updated
2017-10-11
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.
Max CVSS
9.3
EPSS Score
19.17%
Published
2005-03-01
Updated
2017-10-11
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!