HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges.
CVSS Score
4.6
EPSS Score
0.001
Published
2000-04-18
Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.
CVSS Score
7.2
EPSS Score
0.188
Published
2000-03-02
The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands.
CVSS Score
7.2
EPSS Score
0.002
Published
2000-01-02
The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command.
CVSS Score
7.2
EPSS Score
0.001
Published
2000-01-02
HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack.
CVSS Score
7.5
EPSS Score
0.013
Published
1998-08-01
Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Response Center Predictive systems.
CVSS Score
4.6
EPSS Score
0.001
Published
1998-07-30
A Unix account has a default, null, blank, or missing password.
CVSS Score
7.5
EPSS Score
0.423
Published
1998-03-01
A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.
CVSS Score
5.0
EPSS Score
0.036
Published
1997-12-16
Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file.
CVSS Score
7.2
EPSS Score
0.0
Published
1997-09-01
Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.
CVSS Score
7.2
EPSS Score
0.001
Published
1997-03-01