Page 16 of 157 results (0.015 seconds)

CVSS: 7.5EPSS: 0%CPEs: 91EXPL: 0

The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. El emulador de terminal dtterm permite a atacantes modificar el título de la ventana mediante una cierta secuencia de carácter de escape, y a continuación insertarlo de nuevo en la linea de comandos del terminal del usuario, por ejemplo cuando el usuario ve un fichero conteniendo la secuencia maliciosa, lo que podría permitir al atacante ejecutar comandos arbitrarios. • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html http://marc.info/?l=bugtraq&m=104612710031920&w=2 http://www.iss.net/security_center/static/11414.php http://www.securityfocus.com/advisories/6236 http://www.securityfocus.com/bid/6942 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges. • http://archives.neohapsis.com/archives/hp/2002-q3/0064.html http://www.iss.net/security_center/static/9993.php http://www.securityfocus.com/bid/5583 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.0EPSS: 1%CPEs: 8EXPL: 0

RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when running HP-UX 11.00 or 11.11, allows remote attackers to cause a denial of service (panic) via a malformed UDP packet on port 139. • http://online.securityfocus.com/advisories/4268 http://www.iss.net/security_center/static/9536.php http://www.securityfocus.com/bid/5195 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5654 •

CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0

The installation program for HP-UX Visualize Conference B.11.00.11 running on HP-UX 11.00 and 11.11 installs /etc/dt and its subdirecties with insecure permissions, which allows local users to read or write arbitrary files. • http://www.securityfocus.com/advisories/4766 http://www.securityfocus.com/bid/6357 https://exchange.xforce.ibmcloud.com/vulnerabilities/10838 • CWE-16: Configuration •

CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0

Unknown vulnerability in pam_authz in the LDAP-UX Integration product on HP-UX 11.00 and 11.11 allows remote attackers to execute r-commands with privileges of other users. • http://online.securityfocus.com/advisories/4512 http://www.ciac.org/ciac/bulletins/n-006.shtml http://www.iss.net/security_center/static/10266.php http://www.securityfocus.com/bid/5839 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5593 •