This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Hp First view 1996-06-26
Product Hp-Ux Last view 2002-12-31
Version 10 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:hp:hp-ux

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
5 2002-12-31 CVE-2002-2262

Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors.

4.6 2001-10-18 CVE-2001-0772

Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges.

4.6 2001-08-22 CVE-2001-0607

asecure as included with HP-UX 10.01 through 11.00 can allow a local attacker to create a denial of service and gain additional privileges via unsafe permissions on the asecure program, a different vulnerability than CVE-2000-0083.

4.6 2001-06-02 CVE-2001-0311

Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client.

7.2 2001-05-03 CVE-2001-0266

Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier allows local users to gain privileges.

2.1 2001-03-26 CVE-2001-0219

Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service.

5 2001-02-12 CVE-2001-0106

Vulnerability in inetd server in HP-UX 11.04 and earlier allows attackers to cause a denial of service when the "swait" state is used by a server.

2.1 2001-02-12 CVE-2001-0105

Vulnerability in top in HP-UX 11.04 and earlier allows local users to overwrite files owned by the "sys" group.

4.6 2000-04-18 CVE-2000-0083

HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges.

7.2 2000-03-02 CVE-1999-0693

Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.

7.2 2000-01-02 CVE-2000-0078

The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command.

7.2 2000-01-02 CVE-2000-0077

The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands.

7.2 1999-07-01 CVE-1999-0690

HP CDE program includes the current directory in root's PATH variable.

4.6 1998-07-30 CVE-1999-1136

Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Response Center Predictive systems.

5 1997-12-16 CVE-1999-0015

Teardrop IP denial of service.

5 1997-11-01 CVE-1999-0216

Denial of service of inetd on Linux through SYN and RST packets.

7.2 1997-09-01 CVE-1999-1139

Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file.

4.6 1997-09-01 CVE-1999-1133

HP-UX 9.x and 10.x running X windows may allow local attackers to gain privileges via (1) vuefile, (2) vuepad, (3) dtfile, or (4) dtpad, which do not authenticate users.

7.2 1997-05-14 CVE-1999-0962

Buffer overflow in HPUX passwd command allows local users to gain root privileges via a command line option.

10 1997-02-02 CVE-1999-1160

Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local and possibly remote users to gain root privileges.

7.2 1997-01-09 CVE-1999-1088

Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local users to gain privileges.

7.2 1997-01-07 CVE-1999-1145

Vulnerability in Glance programs in GlancePlus for HP-UX 10.20 and earlier allows local users to access arbitrary files and gain privileges.

7.5 1997-01-01 CVE-1999-0517

An SNMP community name is the default (e.g. public), null, or missing.

7.2 1996-12-13 CVE-1999-1089

Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows local users to gain privileges via a long command line argument.

7.2 1996-11-03 CVE-1999-1161

Vulnerability in ppl in HP-UX 10.x and earlier allows local users to gain root privileges by forcing ppl to core dump.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-200 Information Exposure

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-38 Leveraging/Manipulating Configuration File Search Paths

SAINT Exploits

Description Link
HP OpenView OmniBack directory traversal More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
60142 HP-UX xntpd Unspecified Remote DoS
11723 expreserve Race Condition Arbitrary File Overwrite Privilege Escalation
11354 HP-UX CDE PATH Variable Subversion Privilege Escalation
10871 Perl suidperl UID Change Failure Privilege Escalation
10384 HP-UX CDE Multiple Module Unspecified Overflows
9658 HP-UX ppl Forced Core Dump Privilege Escalation
9657 HP-UX kftpd Local/Remote Privilege Escalation
9656 HP-UX ftpd Local/Remote Privilege Escalation
9653 HP-UX CUE IOERROR.mytty Symlink Arbitrary File Overwrite
9652 HP-UX Predictive Data Transfer Information Disclosure
9643 HP-UX fpkg2swpk Local Privilege Escalation
9611 HP-UX 1999 aserver Path Subversion Local Privilege Escalation
9610 HP-UX 1998 aserver Path Subversion Local Privilege Escalation
9598 HP-UX chfn Command Line Argument Local Overflow
9597 HP-UX chsh Local Privilege Escalation
8215 HP-UX vuefile No Authentication Privilege Escalation
8214 HP-UX dtpad No Authentication Privilege Escalation
8213 HP-UX dtfile No Authentication Privilege Escalation
8212 HP-UX vuepad No Authentication Privilege Escalation
8025 HP-UX GlancePlus Local Privilege Escalation
7674 HP-UX asecure Unsafe Permission DoS
7181 HP-UX top Arbitrary sys Owned File Overwrite
7180 HP-UX inetd swait State DoS
7030 HP-UX Support Tools Manager stm DoS
7029 HP-UX Support Tools Manager cstm DoS

Snort® IPS/IDS

Date Description
2014-01-10 missing community string attempt
RuleID : 1893-community - Type : PROTOCOL-SNMP - Revision : 13
2014-01-10 missing community string attempt
RuleID : 1893 - Type : PROTOCOL-SNMP - Revision : 13
2014-01-10 null community string attempt
RuleID : 1892-community - Type : PROTOCOL-SNMP - Revision : 14
2014-01-10 null community string attempt
RuleID : 1892 - Type : PROTOCOL-SNMP - Revision : 14
2014-01-10 public access tcp
RuleID : 1412-community - Type : PROTOCOL-SNMP - Revision : 21
2014-01-10 public access tcp
RuleID : 1412 - Type : PROTOCOL-SNMP - Revision : 21
2014-01-10 public access udp
RuleID : 1411-community - Type : PROTOCOL-SNMP - Revision : 20
2014-01-10 public access udp
RuleID : 1411 - Type : PROTOCOL-SNMP - Revision : 20
2014-01-10 Openview Omni II command bypass attempt
RuleID : 11681 - Type : SERVER-OTHER - Revision : 6

Nessus® Vulnerability Scanner

id Description
2005-02-16 Name: The remote HP-UX host is missing a security-related patch.
File: hpux_PHSS_14592.nasl - Type: ACT_GATHER_INFO
2002-11-25 Name: The community names of the remote SNMP server can be guessed.
File: snmp_default_communities.nasl - Type: ACT_GATHER_INFO
2002-11-25 Name: The community name of the remote SNMP server can be guessed.
File: snmp_default_public_community.nasl - Type: ACT_GATHER_INFO
1999-08-22 Name: Arbitrary code might be run on the remote host.
File: rpc_tooltalk.nasl - Type: ACT_GATHER_INFO
1999-06-22 Name: The remote system is affected by a denial of service vulnerability.
File: teardrop.nasl - Type: ACT_KILL_HOST