CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

HP » Hp-ux » 11.23 Ia64 64-bit : Security Vulnerabilities

Cpe Name:cpe:/o:hp:hp-ux:11.23::ia64_64-bit
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2007-5946 2007-11-13 2017-09-28
7.2
None Local Low Not required Complete Complete Complete
Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX B.11.23 and B.11.31 on the IA-64 platform allows local users to obtain unspecified access.
2 CVE-2007-0396 DoS 2007-01-19 2017-10-10
7.1
None Remote Medium Not required None None Complete
Unspecified vulnerability in HP-UX B.11.23, when running IPFilter in combination with PHNE_34474, allows remote attackers to cause a denial of service (system crash) via unspecified vectors.
3 CVE-2006-5558 Exec Code 2006-10-27 2017-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in the swask command in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via format string specifiers in the -s argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain.
4 CVE-2006-5452 Exec Code Overflow 2006-10-23 2018-10-17
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.
5 CVE-2006-5151 2006-10-05 2018-10-17
10.0
Admin Remote Low Not required Complete Complete Complete
Unspecified vulnerability in HP Ignite-UX server before C.6.9.150 for HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to "gain root access" via unspecified vectors.
6 CVE-2006-5091 +Priv 2006-09-29 2018-10-17
7.2
Admin Local Low Not required Complete Complete Complete
Unspecified vulnerability in HP-UX B.11.11 and B.11.23 CIFS Server (Samba) allows local users to gain privileges or obtain "unauthorized access" via unspecified vectors.
7 CVE-2006-4820 DoS 2006-09-15 2018-10-17
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in X.25 on HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
8 CVE-2006-4795 DoS 2006-09-14 2018-10-17
4.6
None Local Low Single system None None Complete
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.11 and B.11.23 before 20060912 allows local users to cause a denial of service via unspecified vectors.
9 CVE-2006-4188 DoS 2006-08-16 2017-10-10
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the LP subsystem in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via unknown vectors.
10 CVE-2006-4187 DoS 2006-08-16 2018-10-17
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in HP-UX B.11.00, B.11.11 and B.11.23, when running in trusted mode, allows local users to cause a denial of service via unspecified vectors.
11 CVE-2006-3335 +Priv 2006-07-02 2018-10-18
7.2
Admin Local Low Not required Complete Complete Complete
Unspecified vulnerability in mkdir in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows local users to gain privileges via unknown attack vectors.
12 CVE-2006-3201 DoS 2006-06-23 2018-10-18
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in the kernel in HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
13 CVE-2006-3097 DoS 2006-06-20 2018-10-18
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Support Tools Manager (xstm, cstm, and stm) on HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
14 CVE-2006-2574 +Priv 2006-05-24 2018-10-18
7.2
Admin Local Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in Software Distributor in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allow local users to gain privileges via unspecified attack vectors.
15 CVE-2006-1509 DoS 2006-03-29 2017-10-10
4.9
None Local Low Not required None None Complete
/sbin/passwd in HP-UX B.11.00, B.11.11, and B.11.23 before 20060326 "does not recover gracefully from some error conditions," which allows local users to cause a denial of service.
16 CVE-2006-1248 2006-03-17 2017-10-10
4.6
User Local Low Not required Partial Partial Partial
Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and B.11.23, when run with certain options that involve a new home directory, might cause usermod to change the ownership of all directories and files under the new directory, which might result in less secure permissions than intended.
17 CVE-2005-4316 DoS 2005-12-17 2018-10-19
7.8
None Remote Low Not required None None Complete
HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet.
18 CVE-2005-4090 2005-12-08 2017-10-10
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in HP-UX B.11.00 to B.11.23, when IPSEC is running, allows remote attackers to have unknown impact.
19 CVE-2005-3779 +Priv 2005-11-22 2017-10-10
7.2
Admin Local Low Not required Complete Complete Complete
Unspecified vulnerability in xterm for HP-UX 11.00, 11.11, and 11.23 allows local users to gain privileges via unknown vectors.
20 CVE-2005-3670 DoS 2005-11-18 2017-10-10
7.8
None Remote Low Not required None None Complete
Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in HP HP-UX B.11.00, B.11.11, and B.11.23 running IPSec, HP Jetdirect 635n IPv6/IPsec Print Server, and HP Tru64 UNIX 5.1B-3 and 5.1B-2/PK4, allow remote attackers to cause a denial of service via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the HP advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
21 CVE-2005-3565 2005-11-16 2017-10-10
7.5
User Remote Low Not required Partial Partial Partial
Unknown vulnerability in remshd daemon in HP-UX B.11.00, B.11.11, and B.11.23 while running in "Trusted Mode" allows remote attackers to gain unauthorized system access via unknown attack vectors.
22 CVE-2005-2993 DoS 2005-09-20 2018-10-19
1.7
None Local Low Single system None None Partial
Unspecified vulnerability in the FTP Daemon (ftpd) for HP Tru64 UNIX 4.0F PK8 and other versions up to HP Tru64 UNIX 5.1B-3, and HP-UX B.11.00, B.11.04, B.11.11, and B.11.23, allows remote authenticated users to cause a denial of service (hang).
23 CVE-2005-1771 2005-05-31 2016-10-17
7.5
User Remote Low Not required Partial Partial Partial
Unknown vulnerability in HP-UX trusted systems B.11.00 through B.11.23 allows remote attackers to gain unauthorized access, possibly involving remshd and/or telnet -t.
24 CVE-2005-0547 2005-02-24 2017-10-10
4.6
None Local Low Not required Partial Partial Partial
Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23 allows remote authenticated users to gain "unauthorized access to files."
25 CVE-2005-0364 DoS 2005-02-10 2017-10-10
5.0
None Remote Low Not required None None Partial
Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service.
26 CVE-2004-1375 +Priv 2004-12-23 2017-10-10
4.6
User Local Low Not required Partial Partial Partial
Unknown vulnerability in System Administration Manager (SAM) in HP-UX B.11.00, B.11.11, B.11.22, and B.11.23 allows local users to gain privileges.
27 CVE-2004-1029 264 Exec Code 2005-03-01 2017-10-10
9.3
Admin Remote Medium Not required Complete Complete Complete
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.
28 CVE-2004-0965 Exec Code 2005-02-09 2017-10-10
7.2
Admin Local Low Not required Complete Complete Complete
stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs.
29 CVE-2004-0952 2004-12-31 2017-10-10
6.4
None Remote Low Not required None Partial Partial
HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption.
30 CVE-2004-0826 Exec Code Overflow 2004-12-31 2017-07-10
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
31 CVE-2004-0809 DoS 2004-09-16 2017-10-10
5.0
None Remote Low Not required None None Partial
The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.
Total number of vulnerabilities : 31   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.