CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2008-3357
https://notcve.org/view.php?id=CVE-2008-3357
Untrusted search path vulnerability in ingvalidpw in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges via a crafted shared library, related to a "pointer overwrite vulnerability." Vulnerabilidad de búsqueda de ruta no confiable en ingvalidpw en Ingres 2.6, Ingres 2006 versión 1 (alias 9.0.4), y Ingres 2006 versión 2 (alias 9.1.0) en Linux y HP-UX, que permite a los usuarios locales aumentar privilegios a través de una librería compartida manipulada, relativo a una "vulnerabilidad de sobreescritura de puntero" • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=733 http://secunia.com/advisories/31357 http://secunia.com/advisories/31398 http://securitytracker.com/id?1020614 http://www.ingres.com/support/security-alert-080108.php http://www.securityfocus.com/archive/1/495177/100/0/threaded http://www.securityfocus.com/bid/30512 http://www.vupen.com/english/advisories/2008/2292 http://www.vupen.com/english/advisories/2008/2313 https://exchange.xforce.ibmcloud.com/vulnerabiliti • CWE-426: Untrusted Search Path •
CVSS: 4.6EPSS: 0%CPEs: 5EXPL: 0CVE-2008-3389
https://notcve.org/view.php?id=CVE-2008-3389
Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport. Desbordamiento de búfer basado en pila en la librería libbecompat en Ingres 2.6, Ingres 2006 versión 1 (alias 9.0.4), y Ingres 2006 versión 2 (alias 9.1.0) en Linux y HP-UX que permite a los usuarios locales aumentar sus privilegios estableciendo un valor largo de una variable de entorno antes de ejecutar (1) verifydb, (2) iimerge, or (3) csreport. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=732 http://secunia.com/advisories/31357 http://secunia.com/advisories/31398 http://securitytracker.com/id?1020615 http://www.ingres.com/support/security-alert-080108.php http://www.securityfocus.com/archive/1/495177/100/0/threaded http://www.securityfocus.com/bid/30512 http://www.vupen.com/english/advisories/2008/2292 http://www.vupen.com/english/advisories/2008/2313 https://exchange.xforce.ibmcloud.com/vulnerabiliti • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 2%CPEs: 3EXPL: 0CVE-2008-1662
https://notcve.org/view.php?id=CVE-2008-1662
Unspecified vulnerability in the HP System Administration Manager (SAM) on HP-UX B.11.11 and B.11.23, when used to configure NFS, might allow remote attackers to read or modify arbitrary files, related to an "empty systems list." Vulnerabilidad no especificada en HP System Administration Manager (SAM) sobre HP-UX B.11.11 y B.11.23, cuando se usa para configurar NFS. Puede permitir a atacantes remotos leer o modificar archivos de su elección, relacionados con una "lista de sistemas vacía." • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01367453 http://secunia.com/advisories/31309 http://securitytracker.com/id?1020580 http://www.securityfocus.com/bid/30449 http://www.vupen.com/english/advisories/2008/2258 https://exchange.xforce.ibmcloud.com/vulnerabilities/44119 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5814 • CWE-16: Configuration •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2008-1660
https://notcve.org/view.php?id=CVE-2008-1660
Unspecified vulnerability in useradd on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unspecified vectors. Vulnerabilidad no especificada en useradd de HP-UX B.11.11, B.11.23 y B.11.31, permite a usuarios locales acceder a archivos arbitrariamente a través de vectores no especificados. • http://marc.info/?l=bugtraq&m=121130252706976&w=2 http://secunia.com/advisories/30308 http://securitytracker.com/id?1020045 http://www.securityfocus.com/bid/29286 http://www.vupen.com/english/advisories/2008/1570 https://exchange.xforce.ibmcloud.com/vulnerabilities/42523 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5558 •
CVSS: 6.8EPSS: 1%CPEs: 3EXPL: 0CVE-2008-0713
https://notcve.org/view.php?id=CVE-2008-0713
Unspecified vulnerability in the FTP server for HP-UX B.11.11, B.11.23, and B.11.31 allows remote authenticated users to cause a denial of service (FTP server outage) via unknown attack vectors. Vulnerabilidad no especificada en el servidor FTP de HP-UX B.11.11, B.11.23, y B.11.31 permite a usuarios remotos autenticados provocar una denegación de servicio (parada del servicio FTP) a través de vectores de ataque desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01446326 http://secunia.com/advisories/30195 http://www.securityfocus.com/bid/29160 http://www.securitytracker.com/id?1020005 http://www.vupen.com/english/advisories/2008/1475/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42357 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5289 •