Buffer overflow in bdf program in HP-UX 11.00 may allow local users to gain root privileges via a long -t option.
CVSS Score
7.2
EPSS Score
0.001
Published
2000-10-20
The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.
CVSS Score
10.0
EPSS Score
0.914
Published
2000-07-07
The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX 11.0 is world writable, which allows local users to modify SNMP configuration or gain privileges.
CVSS Score
10.0
EPSS Score
0.015
Published
2000-06-07
man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack.
CVSS Score
4.6
EPSS Score
0.003
Published
2000-06-02
Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables.
CVSS Score
4.6
EPSS Score
0.001
Published
2000-05-04
HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges.
CVSS Score
4.6
EPSS Score
0.001
Published
2000-04-18
HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses.
CVSS Score
5.0
EPSS Score
0.014
Published
2000-04-06
Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.
CVSS Score
7.2
EPSS Score
0.148
Published
2000-03-02
HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges.
CVSS Score
7.5
EPSS Score
0.007
Published
2000-02-17
The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the system to be used as a packet amplifier.
CVSS Score
5.0
EPSS Score
0.005
Published
2000-01-24