kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create arbitrary world-writeable files via a symlink attack on the (1) /tmp/.kmmodreg_lock and (2) /tmp/kmpath.tmp temporary files.
CVSS Score
1.2
EPSS Score
0.003
Published
2001-06-11
Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users to execute arbitrary code by copying text from the clipboard into the Help window.
CVSS Score
7.2
EPSS Score
0.001
Published
2001-05-22
Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service.
CVSS Score
2.1
EPSS Score
0.001
Published
2001-03-26
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
CVSS Score
7.2
EPSS Score
0.002
Published
2001-01-09
HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack.
CVSS Score
7.5
EPSS Score
0.013
Published
1998-08-01
A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.
CVSS Score
5.0
EPSS Score
0.036
Published
1997-12-16
swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or overwrite arbitrary files to gain root access.
CVSS Score
7.2
EPSS Score
0.001
Published
1996-12-19
HP Remote Watch allows a remote user to gain root access.
CVSS Score
10.0
EPSS Score
0.007
Published
1996-10-01
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.
CVSS Score
1.9
EPSS Score
0.001
Published
1996-04-18
Vulnerability in hpterm on HP-UX 10.20 allows local users to gain additional privileges.
CVSS Score
4.6
EPSS Score
0.001
Published
1994-06-01