CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 0CVE-2007-5536
https://notcve.org/view.php?id=CVE-2007-5536
Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors. Vulnerabilidad sin especificar en el OpenSSL anterior al A.00.09.07l en el HP-UX B.11.11, B.11.23 y B.11.31 permite a usuarios locales provocar una denegación de servicio a través de vectores sin especificar. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01203958 http://osvdb.org/37894 http://secunia.com/advisories/27265 http://www.securityfocus.com/bid/26093 http://www.vupen.com/english/advisories/2007/3526 https://exchange.xforce.ibmcloud.com/vulnerabilities/37231 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5871 •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2007-5302
https://notcve.org/view.php?id=CVE-2007-5302
Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de tipo cross-site scripting (XSS) en HP System Management Homepage (SMH) en HP-UX versiones B.11.11, B.11.23 y B.11.31, y SMH versiones anteriores a 2.1.10 para Linux y Windows, permiten a atacantes remotos inyectar script web o HTML arbitrario por medio de vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01183265 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01183597 http://osvdb.org/37603 http://secunia.com/advisories/27067 http://www.securityfocus.com/bid/25953 http://www.securitytracker.com/id?1018775 http://www.vupen.com/english/advisories/2007/3387 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5773 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2007-5008
https://notcve.org/view.php?id=CVE-2007-5008
The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected. El comando logins en HP-UX versiones B.11.31, B.11.23 y B.11.11, no reporta correctamente el estado de la contraseña, lo que permite a atacantes remotos alcanzar privilegios cuando no son detectados ciertos "password issues". • http://secunia.com/advisories/26873 http://www.securityfocus.com/bid/25740 http://www.securitytracker.com/id?1018709 http://www.vupen.com/english/advisories/2007/3230 https://exchange.xforce.ibmcloud.com/vulnerabilities/36702 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5779 https://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c01167886 • CWE-287: Improper Authentication •
CVSS: 3.3EPSS: 0%CPEs: 13EXPL: 0CVE-2007-4590
https://notcve.org/view.php?id=CVE-2007-4590
The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors. El comando get_system_info de Ignite-UX C.7.0 hasta C.7.3, y DynRootDisk (DRD) A.1.0.16.417 hasta A.2.0.0.5.92, en HP-UX B.11.11, B.11.23, y B.11.31 no informa a los usuarios locales de cambios de red realizados por el comando, lo cual tiene impacto y vectores de ataque desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118367 http://osvdb.org/37563 http://secunia.com/advisories/26599 http://securitytracker.com/id?1018607 http://www.securityfocus.com/bid/25469 http://www.vupen.com/english/advisories/2007/2985 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5515 •
CVSS: 1.5EPSS: 0%CPEs: 3EXPL: 0CVE-2007-4179
https://notcve.org/view.php?id=CVE-2007-4179
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. NOTE: this is probably different from CVE-2007-0916, but this is not certain due to lack of vendor details. Vulnerabilidad no especificada la funcionalidad de transporte Address and Routing Parameter Area (ARPA) de HP-UX B.11.11 y B.11.23 permite a usuarios locales provocar una denegación de servicio no especificada mediante vectores no especificados. NOTA: este asunto es probablemente diferente de CVE-2007-0916, pero no es debido a carencia de detalles del fabricante. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01090656 http://secunia.com/advisories/26279 http://www.securityfocus.com/bid/25165 http://www.securitytracker.com/id?1018501 http://www.vupen.com/english/advisories/2007/2758 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5948 •