Page 11 of 111 results (0.010 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases. • http://archives.neohapsis.com/archives/hp/2003-q1/0033.html http://www.securityfocus.com/bid/6878 https://exchange.xforce.ibmcloud.com/vulnerabilities/11366 • CWE-16: Configuration •

CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 2

Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument. • https://www.exploit-db.com/exploits/22231 http://securityreason.com/securityalert/3264 http://www.securityfocus.com/advisories/5369 http://www.securityfocus.com/archive/1/310908 http://www.securityfocus.com/bid/6800 https://exchange.xforce.ibmcloud.com/vulnerabilities/11272 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5439 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 2.1EPSS: 0%CPEs: 34EXPL: 0

BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access. • http://dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-25.jsp http://www.securityfocus.com/bid/6719 https://exchange.xforce.ibmcloud.com/vulnerabilities/11220 •

CVSS: 7.2EPSS: 0%CPEs: 12EXPL: 3

Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option. • https://www.exploit-db.com/exploits/22552 http://archives.neohapsis.com/archives/bugtraq/2003-04/0374.html http://www.ciac.org/ciac/bulletins/n-088.shtml http://www.kb.cert.org/vuls/id/322540 http://www.kb.cert.org/vuls/id/CRDY-5MJKM4 http://www.securityfocus.com/bid/7459 https://exchange.xforce.ibmcloud.com/vulnerabilities/11890 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5611 •

CVSS: 7.2EPSS: 0%CPEs: 17EXPL: 2

rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program. • https://www.exploit-db.com/exploits/22248 http://securityreason.com/securityalert/3236 http://www.securityfocus.com/advisories/4960 http://www.securityfocus.com/archive/1/324381 http://www.securityfocus.com/bid/6837 https://exchange.xforce.ibmcloud.com/vulnerabilities/11312 • CWE-264: Permissions, Privileges, and Access Controls •