The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands.
CVSS Score
7.2
EPSS Score
0.002
Published
2000-01-02
The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command.
CVSS Score
7.2
EPSS Score
0.001
Published
2000-01-02
HP CDE program includes the current directory in root's PATH variable.
CVSS Score
7.2
EPSS Score
0.001
Published
1999-07-01
HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack.
CVSS Score
7.5
EPSS Score
0.013
Published
1998-08-01
Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Response Center Predictive systems.
CVSS Score
4.6
EPSS Score
0.001
Published
1998-07-30
Teardrop IP denial of service.
CVSS Score
5.0
EPSS Score
0.259
Published
1997-12-16
A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.
CVSS Score
5.0
EPSS Score
0.036
Published
1997-12-16
Denial of service of inetd on Linux through SYN and RST packets.
CVSS Score
5.0
EPSS Score
0.006
Published
1997-11-01
HP-UX 9.x and 10.x running X windows may allow local attackers to gain privileges via (1) vuefile, (2) vuepad, (3) dtfile, or (4) dtpad, which do not authenticate users.
CVSS Score
4.6
EPSS Score
0.001
Published
1997-09-01
Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file.
CVSS Score
7.2
EPSS Score
0.0
Published
1997-09-01