Shodan
Vulnerabilities
Vulnerable Software
Hp:  >> Hp-Ux  Security Vulnerabilities
CVE-2000-1127
registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to which registrar appends log information and sets the permissions to be world readable.
CVSS Score
3.6
EPSS Score
0.005
Published
2001-01-09
CVE-2000-1134
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
CVSS Score
7.2
EPSS Score
0.002
Published
2001-01-09
CVE-1999-0307
Buffer overflow in HP-UX cstm program allows local users to gain root privileges.
CVSS Score
7.2
EPSS Score
0.001
Published
2000-12-20
CVE-2000-0966
Buffer overflows in lpspooler in the fileset PrinterMgmt.LP-SPOOL of HP-UX 11.0 and earlier allows local users to gain privileges.
CVSS Score
4.6
EPSS Score
0.001
Published
2000-12-19
CVE-2000-0972
HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates.
CVSS Score
5.5
EPSS Score
0.017
Published
2000-12-19
CVE-2000-1028
Buffer overflow in cu program in HP-UX 11.0 may allow local users to gain privileges via a long -l command line argument.
CVSS Score
7.2
EPSS Score
0.002
Published
2000-12-11
CVE-2000-1031
Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option.
CVSS Score
4.6
EPSS Score
0.004
Published
2000-12-11
CVE-2000-0699
Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command.
CVSS Score
10.0
EPSS Score
0.044
Published
2000-10-20
CVE-2000-0702
The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file.
CVSS Score
7.2
EPSS Score
0.002
Published
2000-10-20
CVE-2000-0730
Vulnerability in newgrp command in HP-UX 11.0 allows local users to gain privileges.
CVSS Score
4.6
EPSS Score
0.001
Published
2000-10-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved