CVE-2011-4159
https://notcve.org/view.php?id=CVE-2011-4159
Unspecified vulnerability in System Administration Manager (SAM) in EMS before A.04.20.11.04_01 on HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors. Una vulnerabilidad no especificada en el Sistema de Gestión de la Administración (SAM) en EMS antes de A.04.20.11.04_01 en HP HP-UX B.11.11, B.11.23, B.11.31 permite a usuarios locales conseguir privilegios a través de vectores desconocidos. • http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03089106 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14353 •
CVE-2011-2398
https://notcve.org/view.php?id=CVE-2011-2398
Unspecified vulnerability in the dynamic loader in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges or cause a denial of service via unknown vectors. Vulnerabilidad no especificada en el cargador dinámico en HP HP-UX B.11.11, B.11.23, y B.11.31 permite a usuarios locales obtener privilegios o provocar una denegación de servicio a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=130997622428494&w=2 http://secunia.com/advisories/45132 http://securityreason.com/securityalert/8303 http://securitytracker.com/id?1025749 http://www.osvdb.org/73616 http://www.securityfocus.com/bid/48577 https://exchange.xforce.ibmcloud.com/vulnerabilities/68399 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12615 •
CVE-2010-4108
https://notcve.org/view.php?id=CVE-2010-4108
HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support threaded processes, which allows remote authenticated users to cause a denial of service via unspecified vectors. HP HP-UX B.11.11, B.11.23 y B.11.31 no soporta de manera adecuada los procesos en hilo, lo que permite a atacantes remotos autenticados provocar una denegación de servicio a través de vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02586517 http://secunia.com/advisories/42499 http://www.securityfocus.com/bid/45219 http://www.vupen.com/english/advisories/2010/3130 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11945 •
CVE-2010-2712
https://notcve.org/view.php?id=CVE-2010-2712
Unspecified vulnerability in Software Distributor (sd) in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors. Vulnerabilidad sin especificar en Software Distributor (sd) de HP HP-UX B.11.11, B.11.23 y B.11.31. Permite a usuarios locales escalar privilegios a través de vectores de ataque desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02285980 http://secunia.com/advisories/41163 http://securitytracker.com/id?1024367 http://www.vupen.com/english/advisories/2010/2214 https://exchange.xforce.ibmcloud.com/vulnerabilities/61394 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7050 •
CVE-2010-1039 – rpc.pcnfsd - Remote Format String
https://notcve.org/view.php?id=CVE-2010-1039
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name. Vulnerabilidad de cadena de formato en la función _msgout en rpc.pcnfsd en AIX de IBM versiones 6.1, 5.3 y anteriores; VIOS de IBM versiones 2.1, 1.5 y anteriores; NFS/ONCplus versión B.11.31_09 y anteriores sobre HP-UX de HP versiones B.11.11, B.11.23 y B.11.31; y IRIX de SGI versión 6.5, permiten a los atacantes remotos ejecutar código arbitrario por medio de una petición RPC que contiene especificadores de cadena de formato en un nombre de directorio no comprobado. • https://www.exploit-db.com/exploits/14407 http://aix.software.ibm.com/aix/efixes/security/pcnfsd_advisory.asc http://marc.info/?l=bugtraq&m=127428077629933&w=2 http://osvdb.org/64729 http://secunia.com/advisories/39835 http://secunia.com/advisories/39911 http://securitytracker.com/id?1024016 http://www.checkpoint.com/defense/advisories/public/2010/cpai-13-May.html http://www.ibm.com/support/docview.wss?uid=isg1IZ73590 http://www.ibm.com/support/docview.wss?uid=isg1IZ735 • CWE-134: Use of Externally-Controlled Format String •