CVE-2007-6195 – Hewlett-Packard HP-UX swagentd Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-6195
Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arbitrary code or cause a denial of service via malformed arguments in an opcode 0x04 DCE RPC request. Un desbordamiento de búfer en la función sw_rpc_agent_init en swagentd en Software Distributor (SD) y posiblemente en otras aplicaciones DCE, en HP HP-UX versiones B.11.11 y B.11.23, permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio por medio de argumentos malformados en una petición DCE RPC opcode 0x04. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard HP-UX operating system. Authentication is not required to exploit this vulnerability. The specific flaw exists within the function sw_rpc_agent_init (opcode 0x04) defined in swagentd. Specific malformed arguments can cause function pointers to be overwritten and thereby result in arbitrary code execution. • http://secunia.com/advisories/28087 http://www.securityfocus.com/archive/1/485260/100/0/threaded http://www.securityfocus.com/bid/26855 http://www.securitytracker.com/id?1019098 http://www.vupen.com/english/advisories/2007/4220 http://www.zerodayinitiative.com/advisories/ZDI-07-079.html http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01294212-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/39018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-5536
https://notcve.org/view.php?id=CVE-2007-5536
Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors. Vulnerabilidad sin especificar en el OpenSSL anterior al A.00.09.07l en el HP-UX B.11.11, B.11.23 y B.11.31 permite a usuarios locales provocar una denegación de servicio a través de vectores sin especificar. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01203958 http://osvdb.org/37894 http://secunia.com/advisories/27265 http://www.securityfocus.com/bid/26093 http://www.vupen.com/english/advisories/2007/3526 https://exchange.xforce.ibmcloud.com/vulnerabilities/37231 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5871 •
CVE-2007-5302
https://notcve.org/view.php?id=CVE-2007-5302
Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de tipo cross-site scripting (XSS) en HP System Management Homepage (SMH) en HP-UX versiones B.11.11, B.11.23 y B.11.31, y SMH versiones anteriores a 2.1.10 para Linux y Windows, permiten a atacantes remotos inyectar script web o HTML arbitrario por medio de vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01183265 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01183597 http://osvdb.org/37603 http://secunia.com/advisories/27067 http://www.securityfocus.com/bid/25953 http://www.securitytracker.com/id?1018775 http://www.vupen.com/english/advisories/2007/3387 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5773 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2007-5008
https://notcve.org/view.php?id=CVE-2007-5008
The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected. El comando logins en HP-UX versiones B.11.31, B.11.23 y B.11.11, no reporta correctamente el estado de la contraseña, lo que permite a atacantes remotos alcanzar privilegios cuando no son detectados ciertos "password issues". • http://secunia.com/advisories/26873 http://www.securityfocus.com/bid/25740 http://www.securitytracker.com/id?1018709 http://www.vupen.com/english/advisories/2007/3230 https://exchange.xforce.ibmcloud.com/vulnerabilities/36702 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5779 https://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c01167886 • CWE-287: Improper Authentication •
CVE-2007-4590
https://notcve.org/view.php?id=CVE-2007-4590
The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors. El comando get_system_info de Ignite-UX C.7.0 hasta C.7.3, y DynRootDisk (DRD) A.1.0.16.417 hasta A.2.0.0.5.92, en HP-UX B.11.11, B.11.23, y B.11.31 no informa a los usuarios locales de cambios de red realizados por el comando, lo cual tiene impacto y vectores de ataque desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118367 http://osvdb.org/37563 http://secunia.com/advisories/26599 http://securitytracker.com/id?1018607 http://www.securityfocus.com/bid/25469 http://www.vupen.com/english/advisories/2007/2985 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5515 •