HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6.
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-06-16
Updated
2023-06-29
Format string vulnerability in the swask command in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via format string specifiers in the -s argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain.
Max CVSS
10.0
EPSS Score
0.24%
Published
2006-10-27
Updated
2017-10-19
Stack-based buffer overflow in the (1) swpackage and (2) swmodify commands in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long -S argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain.
Max CVSS
4.6
EPSS Score
0.04%
Published
2006-10-27
Updated
2017-10-19
Buffer overflow in the localtime_r function, and certain other functions, in libc in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long TZ environment variable.
Max CVSS
4.6
EPSS Score
0.04%
Published
2006-10-27
Updated
2017-10-19
Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.
Max CVSS
4.6
EPSS Score
0.06%
Published
2006-10-23
Updated
2018-10-17
Unspecified vulnerability in the LP subsystem in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via unknown vectors.
Max CVSS
5.0
EPSS Score
4.49%
Published
2006-08-17
Updated
2017-10-11
Unspecified vulnerability in mkdir in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows local users to gain privileges via unknown attack vectors.
Max CVSS
7.2
EPSS Score
0.06%
Published
2006-07-03
Updated
2018-10-18
Multiple unspecified vulnerabilities in Software Distributor in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allow local users to gain privileges via unspecified attack vectors.
Max CVSS
7.2
EPSS Score
0.06%
Published
2006-05-24
Updated
2018-10-18
Unspecified vulnerability in swagentd in HP-UX B.11.00, B.11.04, and B.11.11 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
Max CVSS
7.8
EPSS Score
7.03%
Published
2006-03-25
Updated
2017-10-11
Unspecified vulnerability in HP HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain privileges via unknown attack vectors.
Max CVSS
7.2
EPSS Score
0.06%
Published
2006-01-26
Updated
2017-10-11
HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet.
Max CVSS
7.8
EPSS Score
31.91%
Published
2005-12-17
Updated
2018-10-19
Unspecified vulnerability in the FTP Daemon (ftpd) for HP Tru64 UNIX 4.0F PK8 and other versions up to HP Tru64 UNIX 5.1B-3, and HP-UX B.11.00, B.11.04, B.11.11, and B.11.23, allows remote authenticated users to cause a denial of service (hang).
Max CVSS
1.7
EPSS Score
0.37%
Published
2005-09-20
Updated
2018-10-19
Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23 allows remote authenticated users to gain "unauthorized access to files."
Max CVSS
4.6
EPSS Score
0.29%
Published
2005-02-24
Updated
2017-10-11
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.00, B.11.04, and B.11.11 before 20040628 allows local users to cause a denial of service via unspecified vectors.
Max CVSS
4.9
EPSS Score
0.04%
Published
2004-12-31
Updated
2017-10-11
Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-01-14
Updated
2017-10-11
Unknown vulnerability in System Administration Manager (SAM) in HP-UX B.11.00, B.11.11, B.11.22, and B.11.23 allows local users to gain privileges.
Max CVSS
4.6
EPSS Score
0.04%
Published
2004-12-23
Updated
2017-10-11
Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.
Max CVSS
7.5
EPSS Score
25.50%
Published
2004-12-31
Updated
2017-10-11
Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-12-31
Updated
2017-10-11
RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when running HP-UX 11.00 or 11.11, allows remote attackers to cause a denial of service (panic) via a malformed UDP packet on port 139.
Max CVSS
5.0
EPSS Score
1.53%
Published
2002-12-31
Updated
2017-10-12
Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges.
Max CVSS
4.6
EPSS Score
0.05%
Published
2001-10-18
Updated
2017-12-19
Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service.
Max CVSS
2.1
EPSS Score
0.04%
Published
2001-03-26
Updated
2017-10-10
Vulnerability in inetd server in HP-UX 11.04 and earlier allows attackers to cause a denial of service when the "swait" state is used by a server.
Max CVSS
5.0
EPSS Score
0.12%
Published
2001-02-12
Updated
2017-10-10
Vulnerability in auto_parms and set_parms in HP-UX 11.00 and earlier allows remote attackers to execute arbitrary commands or cause a denial of service.
Max CVSS
10.0
EPSS Score
0.65%
Published
2001-01-09
Updated
2017-10-19
Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option.
Max CVSS
4.6
EPSS Score
0.04%
Published
2000-12-11
Updated
2018-05-03
HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses.
Max CVSS
5.0
EPSS Score
0.23%
Published
2000-04-06
Updated
2008-09-10
25 vulnerabilities found