Hp: Security Vulnerabilities
Stack-based buffer overflow in the (1) swpackage and (2) swmodify commands in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long -S argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain.
CVSS Score
4.6
EPSS Score
0.006
Published
2006-10-27
Format string vulnerability in the swask command in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via format string specifiers in the -s argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain.
CVSS Score
10.0
EPSS Score
0.041
Published
2006-10-27
Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.
CVSS Score
4.6
EPSS Score
0.002
Published
2006-10-23
Unspecified vulnerability in HP Version Control Agent before 2.1.5 allows remote authenticated users to obtain "unauthorized access" to a remote Repository Manager account and potentially gain privileges via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.009
Published
2006-10-17
Unspecified vulnerability in HP Ignite-UX server before C.6.9.150 for HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to "gain root access" via unspecified vectors.
CVSS Score
10.0
EPSS Score
0.045
Published
2006-10-05
Multiple cross-site scripting (XSS) vulnerabilities in Mercury SiteScope 8.2 (8.1.2.0) allow remote authenticated users to inject arbitrary web script or HTML via (1) "any field create name field" except "create new group name" or (2) any description field.
CVSS Score
4.9
EPSS Score
0.003
Published
2006-10-03
Mercury SiteScope 8.2 (8.1.2.0) allows remote authenticated users to cause a denial of service (loss of connectivity to the classic interface) via attempted HTML injection into the "new monitor description" field.
CVSS Score
4.0
EPSS Score
0.003
Published
2006-10-03
Unspecified vulnerability in HP-UX B.11.11 and B.11.23 CIFS Server (Samba) allows local users to gain privileges or obtain "unauthorized access" via unspecified vectors.
CVSS Score
7.2
EPSS Score
0.001
Published
2006-09-29
Unspecified vulnerability in X.25 on HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
CVSS Score
2.1
EPSS Score
0.001
Published
2006-09-15
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.11 and B.11.23 before 20060912 allows local users to cause a denial of service via unspecified vectors.
CVSS Score
4.6
EPSS Score
0.0
Published
2006-09-14