CVE-2008-4414
https://notcve.org/view.php?id=CVE-2008-4414
Unspecified vulnerability in the AdvFS showfile command in HP Tru64 UNIX 5.1B-3 and 5.1B-4 allows local users to gain privileges via unspecified vectors. Vulnerabilidad no específica en el comando showfile AdvFS en HP Tru64 UNIX v5.1B-3 y 5.1B-4 permite a usuarios locales para obtener privilegios a través de vectores no especificados. • http://marc.info/?l=bugtraq&m=122600765224240&w=2 http://secunia.com/advisories/32621 http://securityreason.com/securityalert/4567 http://securitytracker.com/alerts/2008/Nov/1021152.html http://www.securityfocus.com/bid/32160 http://www.vupen.com/english/advisories/2008/3050 https://exchange.xforce.ibmcloud.com/vulnerabilities/46414 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2007-6519
https://notcve.org/view.php?id=CVE-2007-6519
Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors. Vulnerabilidad no especificada en File-on-File Mounting File System (FFM) en HP Tru64 UNIX 5.1B-4 y 5.1B-3 permite a usuarios locales provocar denegación de servicio (caida de demonio) a través de vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01310389 http://secunia.com/advisories/28192 http://www.securityfocus.com/bid/26964 http://www.securitytracker.com/id?1019135 http://www.vupen.com/english/advisories/2007/4293 https://exchange.xforce.ibmcloud.com/vulnerabilities/39172 •
CVE-2007-6232 – ftp Admin 0.1.0 - Local File Inclusion / Cross-Site Scripting / Authentication Bypass
https://notcve.org/view.php?id=CVE-2007-6232
Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action. Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en index.php en FTP Admin 0.1.0 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro error en una acción de página de error. • https://www.exploit-db.com/exploits/4681 https://www.exploit-db.com/exploits/4684 http://secunia.com/advisories/27875 https://exchange.xforce.ibmcloud.com/vulnerabilities/38780 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2007-4938 – MPlayer 1.0 - AVIHeader.C Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-4938
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value. Desbordamiento de búfer basado en pila en libmpdemux/aviheader.c en MPlayer 1.0rc1 y anteriores permite a atacantes remotos provocar denegación de servicio (caida de aplicación) o posiblemente ejecutar código de su elección a través de un archivo .avi con cierto "tamaño indx tratado" y valores nEntriesInuse, y un cierto valor wLongsPerEntry. • https://www.exploit-db.com/exploits/30578 http://osvdb.org/45940 http://secunia.com/advisories/27016 http://securityreason.com/securityalert/3144 http://www.mandriva.com/security/advisories?name=MDKSA-2007:192 http://www.securityfocus.com/archive/1/479222/100/0/threaded http://www.securityfocus.com/bid/25648 http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/36581 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-2791 – HP Tru64 - Remote Secure Shell User Enumeration
https://notcve.org/view.php?id=CVE-2007-2791
Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows remote attackers to identify valid users via unspecified vectors, probably related to timing attacks and AuthInteractiveFailureRandomTimeout. Vulnerabilidad no especificada en Secure Shell (SSH) en HP Tru64 UNIX 5.1B-4 y 5.1B-3 permite a atacantes remotos identificar usuarios válidos a través de vectores no especificados, posiblemente relacionados con ataques oportunos y AuthInteractiveFailureRandomTimeout. • https://www.exploit-db.com/exploits/4032 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01007552 http://osvdb.org/36204 http://secunia.com/advisories/24036 http://www.securityfocus.com/bid/24021 http://www.securitytracker.com/id?1018065 http://www.vupen.com/english/advisories/2007/1851 https://exchange.xforce.ibmcloud.com/vulnerabilities/34329 •