CVSS: 7.5EPSS: 4%CPEs: 18EXPL: 2CVE-2007-1043 – Ezboo Webstats 3.03 - Administrative Authentication Bypass
https://notcve.org/view.php?id=CVE-2007-1043
Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php. Ezboo webstats, posiblemente la 3.0.3, permite a atacantes remotos evitar la autenticación y obtener una vía de acceso mediante una petición directa al (1) update.php y (2) config.php. • https://www.exploit-db.com/exploits/29610 http://forums.avenir-geopolitique.net/viewtopic.php?t=2674 http://osvdb.org/34181 http://securityreason.com/securityalert/2275 http://www.securityfocus.com/archive/1/460325/100/0/threaded http://www.securityfocus.com/bid/22590 https://exchange.xforce.ibmcloud.com/vulnerabilities/32563 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2007-0915
https://notcve.org/view.php?id=CVE-2007-0915
Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers to overwrite arbitrary files and gain privileges via a crafted RPC request. El demonio SLS distribuido (SLSd) en HP-UX B.11.11 permite a atacantes remotos sobrescribir ficheros y obtener privilegios mediante peticiones RPC. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=474 http://osvdb.org/33186 http://secunia.com/advisories/24169 http://www.securityfocus.com/bid/22551 http://www.securitytracker.com/id?1017630 http://www.vupen.com/english/advisories/2007/0590 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00862809 https://exchange.xforce.ibmcloud.com/vulnerabilities/32471 •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2007-0916
https://notcve.org/view.php?id=CVE-2007-0916
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. Una vulnerabilidad no especificada en la funcionalidad de transporte del Address and Routing Parameter Area (ARPA) en HP-UX versiones B.11.11 y B.11.23, permite a usuarios locales causar una denegación de servicio no especificada por medio de vectores desconocidos. • http://osvdb.org/33198 http://secunia.com/advisories/24173 http://www.securityfocus.com/bid/22546 http://www.securitytracker.com/id?1017629 http://www.vupen.com/english/advisories/2007/0596 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00863839 https://exchange.xforce.ibmcloud.com/vulnerabilities/32468 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5239 •
CVSS: 7.1EPSS: 6%CPEs: 1EXPL: 0CVE-2007-0396
https://notcve.org/view.php?id=CVE-2007-0396
Unspecified vulnerability in HP-UX B.11.23, when running IPFilter in combination with PHNE_34474, allows remote attackers to cause a denial of service (system crash) via unspecified vectors. Vulnerabilidad no especificada en HP-UX B.11.23, cuando se está ejecutando IPFilter en combinación con PHNE_34474, permite a atacantes remotos provocar denegación de servicio (caida de sistema) a través de vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00837319 http://osvdb.org/32869 http://secunia.com/advisories/23800 http://securitytracker.com/id?1017527 http://www.securityfocus.com/bid/22103 http://www.vupen.com/english/advisories/2007/0234 https://exchange.xforce.ibmcloud.com/vulnerabilities/31565 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6104 •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2007-0394
https://notcve.org/view.php?id=CVE-2007-0394
HP HP-UX B11.11 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572. HP HP-UX B11.1 no verifica adecuadamenet el estado del descriptor de fichero antes de la ejecución setuid, lo cual permite a un usuario local obtener privilegios a través del cierre del descriptor de fichero 0,1 o 2 y por tanto invocando un programa setuid, una variante de CVE-2002-0572. • http://www.securityfocus.com/archive/1/457279/100/0/threaded http://www.securityfocus.com/archive/1/457315/100/0/threaded •