Page 2 of 76 results (0.003 seconds)

CVSS: 7.2EPSS: 0%CPEs: 12EXPL: 3

Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option. • https://www.exploit-db.com/exploits/22552 http://archives.neohapsis.com/archives/bugtraq/2003-04/0374.html http://www.ciac.org/ciac/bulletins/n-088.shtml http://www.kb.cert.org/vuls/id/322540 http://www.kb.cert.org/vuls/id/CRDY-5MJKM4 http://www.securityfocus.com/bid/7459 https://exchange.xforce.ibmcloud.com/vulnerabilities/11890 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5611 •

CVSS: 7.2EPSS: 0%CPEs: 17EXPL: 2

rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program. • https://www.exploit-db.com/exploits/22248 http://securityreason.com/securityalert/3236 http://www.securityfocus.com/advisories/4960 http://www.securityfocus.com/archive/1/324381 http://www.securityfocus.com/bid/6837 https://exchange.xforce.ibmcloud.com/vulnerabilities/11312 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.2EPSS: 0%CPEs: 11EXPL: 0

Buffer overflow in the setupterm function of (1) lanadmin and (2) landiag programs of HP-UX 10.0 through 10.34 allows local users to execute arbitrary code via a long TERM environment variable. • http://securityreason.com/securityalert/3236 http://www.securityfocus.com/advisories/4957 http://www.securityfocus.com/archive/1/324381 http://www.securityfocus.com/bid/6834 https://exchange.xforce.ibmcloud.com/vulnerabilities/11314 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0

The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors. • http://archives.neohapsis.com/archives/hp/2003-q1/0009.html http://www.securityfocus.com/bid/6640 https://exchange.xforce.ibmcloud.com/vulnerabilities/11107 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5758 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 4%CPEs: 77EXPL: 0

Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. Múltiples desbordamientos de búfer en Samba anteriores a 2.2.8a puede permitir a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio, descubierto por el equipo de Samba y una vulnerabilidad distinta de CAN-2003-0201. • http://marc.info/?l=bugtraq&m=104973186901597&w=2 http://marc.info/?l=bugtraq&m=104974612519064&w=2 http://www.debian.org/security/2003/dsa-280 http://www.mandriva.com/security/advisories?name=MDKSA-2003:044 http://www.redhat.com/support/errata/RHSA-2003-137.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A564 https://access.redhat.com/security/cve/CVE-2003-0196 https://bugzilla.redhat.com/show_bug.cgi?id=1617001 •