CVSS: 7.8EPSS: 3%CPEs: 3EXPL: 0CVE-2008-4418
https://notcve.org/view.php?id=CVE-2008-4418
Unspecified vulnerability in DCE in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown vectors. Vulnerabilidad inespecífica en DCE en HP HP-UX B.11.11, B.11.23, y B.11.31 permite a atacantes remotos provocar una denegación de servicio a través de vectores no conocidos. • http://marc.info/?l=bugtraq&m=122893704624601&w=2 http://osvdb.org/50679 http://securityreason.com/securityalert/4705 http://securitytracker.com/id?1021377 http://www.securityfocus.com/bid/32754 http://www.vupen.com/english/advisories/2008/3411 •
CVSS: 6.2EPSS: 0%CPEs: 70EXPL: 0CVE-2008-4413
https://notcve.org/view.php?id=CVE-2008-4413
Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 and B.11.23, and SMH 2.2.6 and 2.2.8 and earlier on HP-UX B.11.23 and B.11.31, allows local users to gain "unauthorized access" via unknown vectors, possibly related to temporary file permissions. Vulnerabilidad no especificada en HP System Management Homepage (SMH) v2.2.6 y anteriores en HP-UX B.11.11 y B.11.23, y SMH 2.2.6 y 2.2.8 y anteriores en HP-UX B.11.23 y B.11.31; permite a usuarios locales obtener "acceso no autorizado" a través de vectores desconocidos. Puede que esté relacionado con los permisos de los ficheros temporales. • http://marc.info/?l=bugtraq&m=122581539223159&w=2 http://osvdb.org/49521 http://secunia.com/advisories/32544 http://securityreason.com/securityalert/4545 http://www.securitytracker.com/id?1021133 http://www.vupen.com/english/advisories/2008/2999 https://exchange.xforce.ibmcloud.com/vulnerabilities/46313 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2008-1668
https://notcve.org/view.php?id=CVE-2008-1668
ftpd.c in (1) wu-ftpd 2.4.2 and (2) ftpd in HP HP-UX B.11.11 assigns uid 0 to the FTP client in certain operating-system misconfigurations in which PAM authentication can succeed even though no passwd entry is available for a user, which allows remote attackers to gain privileges, as demonstrated by a login attempt for an LDAP account when nsswitch.conf does not specify LDAP for passwd information. El archivo ftpd.c en (1) wu-ftpd versiones 2.4.2 y (2) ftpd en HP-UX de HP versión B.11.11, asigna uid 0 al cliente FTP en ciertas configuraciones erróneas del sistema operativo en las que la autenticación PAM puede tener éxito aunque no hay ninguna entrada de passwd disponible para un usuario, lo que permite a los atacantes remotos alcanzar privilegios, como es demostrado por un intento de inicio de sesión para una cuenta LDAP cuando nsswitch.conf no especifica LDAP para la información de passwd. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01525562 http://secunia.com/advisories/31471 http://www.openwall.com/lists/oss-security/2008/08/20/4 http://www.securityfocus.com/bid/30666 http://www.securitytracker.com/id?1020682 http://www.vupen.com/english/advisories/2008/2364 https://exchange.xforce.ibmcloud.com/vulnerabilities/44414 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5971 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 2%CPEs: 3EXPL: 0CVE-2008-1662
https://notcve.org/view.php?id=CVE-2008-1662
Unspecified vulnerability in the HP System Administration Manager (SAM) on HP-UX B.11.11 and B.11.23, when used to configure NFS, might allow remote attackers to read or modify arbitrary files, related to an "empty systems list." Vulnerabilidad no especificada en HP System Administration Manager (SAM) sobre HP-UX B.11.11 y B.11.23, cuando se usa para configurar NFS. Puede permitir a atacantes remotos leer o modificar archivos de su elección, relacionados con una "lista de sistemas vacía." • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01367453 http://secunia.com/advisories/31309 http://securitytracker.com/id?1020580 http://www.securityfocus.com/bid/30449 http://www.vupen.com/english/advisories/2008/2258 https://exchange.xforce.ibmcloud.com/vulnerabilities/44119 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5814 • CWE-16: Configuration •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2008-1660
https://notcve.org/view.php?id=CVE-2008-1660
Unspecified vulnerability in useradd on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unspecified vectors. Vulnerabilidad no especificada en useradd de HP-UX B.11.11, B.11.23 y B.11.31, permite a usuarios locales acceder a archivos arbitrariamente a través de vectores no especificados. • http://marc.info/?l=bugtraq&m=121130252706976&w=2 http://secunia.com/advisories/30308 http://securitytracker.com/id?1020045 http://www.securityfocus.com/bid/29286 http://www.vupen.com/english/advisories/2008/1570 https://exchange.xforce.ibmcloud.com/vulnerabilities/42523 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5558 •