CVE-2010-1039 – rpc.pcnfsd - Remote Format String
https://notcve.org/view.php?id=CVE-2010-1039
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name. Vulnerabilidad de cadena de formato en la función _msgout en rpc.pcnfsd en AIX de IBM versiones 6.1, 5.3 y anteriores; VIOS de IBM versiones 2.1, 1.5 y anteriores; NFS/ONCplus versión B.11.31_09 y anteriores sobre HP-UX de HP versiones B.11.11, B.11.23 y B.11.31; y IRIX de SGI versión 6.5, permiten a los atacantes remotos ejecutar código arbitrario por medio de una petición RPC que contiene especificadores de cadena de formato en un nombre de directorio no comprobado. • https://www.exploit-db.com/exploits/14407 http://aix.software.ibm.com/aix/efixes/security/pcnfsd_advisory.asc http://marc.info/?l=bugtraq&m=127428077629933&w=2 http://osvdb.org/64729 http://secunia.com/advisories/39835 http://secunia.com/advisories/39911 http://securitytracker.com/id?1024016 http://www.checkpoint.com/defense/advisories/public/2010/cpai-13-May.html http://www.ibm.com/support/docview.wss?uid=isg1IZ73590 http://www.ibm.com/support/docview.wss?uid=isg1IZ735 • CWE-134: Use of Externally-Controlled Format String •
CVE-2010-1030
https://notcve.org/view.php?id=CVE-2010-1030
Unspecified vulnerability in HP-UX B.11.31, with AudFilter rules enabled, allows local users to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en HP-UX B.11.31, con las reglas AudFilter habilitadas, permite a atacantes locales provocar una denegación de servicio mediante vectores desconocidos. • http://marc.info/?l=bugtraq&m=126996727024732&w=2 http://www.securityfocus.com/bid/39046 http://www.securitytracker.com/id?1023772 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11779 •
CVE-2010-0451
https://notcve.org/view.php?id=CVE-2010-0451
The installation process for NFS/ONCplus B.11.31_08 and earlier on HP HP-UX B.11.31 changes the NFS_SERVER setting in the nfsconf file, which might allow remote attackers to obtain filesystem access via NFS requests. El proceso de instalación de NFS/ONCplus B.11.31_08 y versiones anteriores en HP HP-UX B.11.31 modifica la variable NFS_SERVER en el fichero nfsconf , lo que puede permitir a atacantes remotos la obtención de acceso al sistema de ficheros a través de peticiones NFS. • http://marc.info/?l=bugtraq&m=126962272413767&w=2 http://osvdb.org/63243 http://secunia.com/advisories/39111 http://securitytracker.com/id?1023758 http://www.securityfocus.com/bid/38982 http://www.vupen.com/english/advisories/2010/0731 https://exchange.xforce.ibmcloud.com/vulnerabilities/57216 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12025 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2009-2682
https://notcve.org/view.php?id=CVE-2009-2682
Unspecified vulnerability in Role-Based Access Control (RBAC) in HP HP-UX B.11.23 and B.11.31 allows local users to bypass intended access restrictions via unknown vectors. Vulnerabilidad no especificada en control de acceso basado en rol (RBAC) en HP HP-UX vB.11.23 y vB.11.31 permite a los usuarios locales intenta evitar restricciones de acceso a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=125364434020838&w=2 http://secunia.com/advisories/36850 http://www.securityfocus.com/bid/36476 https://exchange.xforce.ibmcloud.com/vulnerabilities/53411 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6328 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2009-2679
https://notcve.org/view.php?id=CVE-2009-2679
Unspecified vulnerability in bootpd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown attack vectors. Vulnerabilidad no esperada en bootpd en HP HP-UX vB.11.11, vB.11.23, y vB.11.31 permite a atacantes remotos causar una denegación de servicio a través de vectores no conocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01866324 http://secunia.com/advisories/36663 http://www.securityfocus.com/bid/36395 http://www.vupen.com/english/advisories/2009/2664 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5780 •