CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2007-5008
https://notcve.org/view.php?id=CVE-2007-5008
The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected. El comando logins en HP-UX versiones B.11.31, B.11.23 y B.11.11, no reporta correctamente el estado de la contraseña, lo que permite a atacantes remotos alcanzar privilegios cuando no son detectados ciertos "password issues". • http://secunia.com/advisories/26873 http://www.securityfocus.com/bid/25740 http://www.securitytracker.com/id?1018709 http://www.vupen.com/english/advisories/2007/3230 https://exchange.xforce.ibmcloud.com/vulnerabilities/36702 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5779 https://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c01167886 • CWE-287: Improper Authentication •
CVSS: 3.3EPSS: 0%CPEs: 13EXPL: 0CVE-2007-4590
https://notcve.org/view.php?id=CVE-2007-4590
The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors. El comando get_system_info de Ignite-UX C.7.0 hasta C.7.3, y DynRootDisk (DRD) A.1.0.16.417 hasta A.2.0.0.5.92, en HP-UX B.11.11, B.11.23, y B.11.31 no informa a los usuarios locales de cambios de red realizados por el comando, lo cual tiene impacto y vectores de ataque desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118367 http://osvdb.org/37563 http://secunia.com/advisories/26599 http://securitytracker.com/id?1018607 http://www.securityfocus.com/bid/25469 http://www.vupen.com/english/advisories/2007/2985 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5515 •
CVSS: 10.0EPSS: 31%CPEs: 2EXPL: 0CVE-2007-4241
https://notcve.org/view.php?id=CVE-2007-4241
Buffer overflow in ldcconn in Hewlett-Packard (HP) Controller for Cisco Local Director on HP-UX 11.11i allows remote attackers to execute arbitrary code via a long string to TCP port 17781. Desbordamiento de búfer en ldcconn de Hewlett-Packard (HP) Controller para Cisco Local Director en HP-UX 11.11i permite a atacantes remotos ejecutar código de su elección mediante una cadena larga al puerto TCP 17781. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=572 http://secunia.com/advisories/26373 http://securitytracker.com/id?1018524 http://www.securityfocus.com/bid/25227 http://www.vupen.com/english/advisories/2007/2813 https://exchange.xforce.ibmcloud.com/vulnerabilities/35847 •
CVSS: 1.5EPSS: 0%CPEs: 3EXPL: 0CVE-2007-4179
https://notcve.org/view.php?id=CVE-2007-4179
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. NOTE: this is probably different from CVE-2007-0916, but this is not certain due to lack of vendor details. Vulnerabilidad no especificada la funcionalidad de transporte Address and Routing Parameter Area (ARPA) de HP-UX B.11.11 y B.11.23 permite a usuarios locales provocar una denegación de servicio no especificada mediante vectores no especificados. NOTA: este asunto es probablemente diferente de CVE-2007-0916, pero no es debido a carencia de detalles del fabricante. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01090656 http://secunia.com/advisories/26279 http://www.securityfocus.com/bid/25165 http://www.securitytracker.com/id?1018501 http://www.vupen.com/english/advisories/2007/2758 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5948 •
CVSS: 7.1EPSS: 3%CPEs: 3EXPL: 0CVE-2007-4125
https://notcve.org/view.php?id=CVE-2007-4125
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause an unspecified denial of service via unknown vectors. Vulnerabilidad no especificada en la funcionalidad de transporte Address and Routing Parameter Area (ARPA) de HP-UX B.11.11, B.11.23, y B.11.31 permite a atacantes remotos provocar una denegación de servicio mediante vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01087206 http://secunia.com/advisories/26279 http://www.securityfocus.com/bid/25147 http://www.securitytracker.com/id?1018482 http://www.vupen.com/english/advisories/2007/2728 https://exchange.xforce.ibmcloud.com/vulnerabilities/35702 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5243 •