CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2016-2016
https://notcve.org/view.php?id=CVE-2016-2016
Base-VxFS-50 B.05.00.01 through B.05.00.02, Base-VxFS-501 B.05.01.0 through B.05.01.03, and Base-VxFS-51 B.05.10.00 through B.05.10.02 on HPE HP-UX 11iv3 with VxFS 5.0, VxFS 5.0.1, and VxFS 5.1SP1 mishandles ACL inheritance for default:class: entries, default:other: entries, and default:user: entries, which allows local users to bypass intended access restrictions by leveraging the configuration of a parent directory. Base-VxFS-50 B.05.00.01 hasta la versión B.05.00.02, Base-VxFS-501 B.05.01.0 hasta la versión B.05.01.03, y Base-VxFS-51 B.05.10.00 hasta la versión B.05.10.02 en HPE HP-UX 11iv3 con VxFS 5.0, VxFS 5.0.1 y VxFS 5.1SP1 no maneja correctamente la herencia ACL para default:class: entries, default:other: entries y default:user: entries, lo que permite a usuarios locales eludir las restricciones destinadas al acceso aprovechando la configuración de un directorio padre. • http://www.securitytracker.com/id/1035816 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05121749 • CWE-284: Improper Access Control •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1987
https://notcve.org/view.php?id=CVE-2016-1987
HPE IPFilter A.11.31.18.21 on HP-UX, when a certain keep-state configuration is enabled, allows remote attackers to cause a denial of service via unspecified UDP packets. HPE IPFilter A.11.31.18.21 en HP-UX, cuando cierta configuración de estado guardado se encuentra habilitada, permite a atacantes remotos causar una denegación de servicio a través de paquetes UDP no especificados. • http://www.securitytracker.com/id/1035026 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04974114 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 87EXPL: 0CVE-2015-5434
https://notcve.org/view.php?id=CVE-2015-5434
HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding (VRF) hopping." HPE Networking Products, marcados originalmente como Comware 5, Comware 7, H3C o HP, permiten a atacantes remotos eludir las restricciones destinadas al acceso o provocar una denegación de servicio a través de "Virtual routing and forwarding (VRF) hopping." • http://www.securityfocus.com/bid/79869 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04779492 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2015-2126
https://notcve.org/view.php?id=CVE-2015-2126
Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setuid permissions. Vulnerabilidad no especificada en pppoec en HP HP-UX 11iv2 y 11iv3 permite a usuarios locales ganar privilegios mediante el aprovechamiento de permisos setuid. • http://www.securityfocus.com/bid/75462 http://www.securitytracker.com/id/1032746 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04718530 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.6EPSS: 0%CPEs: 20EXPL: 0CVE-2015-3317
https://notcve.org/view.php?id=CVE-2015-3317
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors. CA Common Services, utilizado en CA Client Automation r12.5 SP01, r12.8, y r12.9; CA Network and Systems Management r11.0, r11.1, y r11.2; CA NSM Job Management Option r11.0, r11.1, y r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (también conocido como SystemEDGE) 12.6, 12.7, 12.8, y 12.9; y CA Workload Automation AE r11, r11.3, r11.3.5, y r11.3.6 en UNIX, no realiza correctamente la comprobación de límites, lo que permite a usuarios locales ganar privilegios a través de vectores no especificados. • http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx http://www.securityfocus.com/bid/75033 http://www.securitytracker.com/id/1032512 http://www.securitytracker.com/id/1032513 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •