CVE-2007-6419
https://notcve.org/view.php?id=CVE-2007-6419
Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. Vulnerabilidad no especificada en rpc.yppasswdd en HP HP-UX B.11.11, B.11.23, y B.11.31 permite a atacantes remotos provocar denegación de servicio (caida de demonio) a través de vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01294324 http://secunia.com/advisories/28191 http://www.securityfocus.com/bid/26971 http://www.securitytracker.com/id?1019136 http://www.vupen.com/english/advisories/2007/4294 https://exchange.xforce.ibmcloud.com/vulnerabilities/39173 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5734 •
CVE-2007-6195 – Hewlett-Packard HP-UX swagentd Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-6195
Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arbitrary code or cause a denial of service via malformed arguments in an opcode 0x04 DCE RPC request. Un desbordamiento de búfer en la función sw_rpc_agent_init en swagentd en Software Distributor (SD) y posiblemente en otras aplicaciones DCE, en HP HP-UX versiones B.11.11 y B.11.23, permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio por medio de argumentos malformados en una petición DCE RPC opcode 0x04. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard HP-UX operating system. Authentication is not required to exploit this vulnerability. The specific flaw exists within the function sw_rpc_agent_init (opcode 0x04) defined in swagentd. Specific malformed arguments can cause function pointers to be overwritten and thereby result in arbitrary code execution. • http://secunia.com/advisories/28087 http://www.securityfocus.com/archive/1/485260/100/0/threaded http://www.securityfocus.com/bid/26855 http://www.securitytracker.com/id?1019098 http://www.vupen.com/english/advisories/2007/4220 http://www.zerodayinitiative.com/advisories/ZDI-07-079.html http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01294212-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/39018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-5946
https://notcve.org/view.php?id=CVE-2007-5946
Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX B.11.23 and B.11.31 on the IA-64 platform allows local users to obtain unspecified access. Vulnerabilidad no especificada en el emulador Aries PA-RISC sobre HP-UX B.11.23 y B.11.31 sobre la plataforma IA-64 permite a usuarios locales obtener accesos no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01241483 http://secunia.com/advisories/27606 http://securitytracker.com/id?1018925 http://www.securityfocus.com/bid/26383 http://www.vupen.com/english/advisories/2007/3820 https://exchange.xforce.ibmcloud.com/vulnerabilities/38361 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5548 •
CVE-2007-5536
https://notcve.org/view.php?id=CVE-2007-5536
Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors. Vulnerabilidad sin especificar en el OpenSSL anterior al A.00.09.07l en el HP-UX B.11.11, B.11.23 y B.11.31 permite a usuarios locales provocar una denegación de servicio a través de vectores sin especificar. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01203958 http://osvdb.org/37894 http://secunia.com/advisories/27265 http://www.securityfocus.com/bid/26093 http://www.vupen.com/english/advisories/2007/3526 https://exchange.xforce.ibmcloud.com/vulnerabilities/37231 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5871 •
CVE-2007-5302
https://notcve.org/view.php?id=CVE-2007-5302
Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de tipo cross-site scripting (XSS) en HP System Management Homepage (SMH) en HP-UX versiones B.11.11, B.11.23 y B.11.31, y SMH versiones anteriores a 2.1.10 para Linux y Windows, permiten a atacantes remotos inyectar script web o HTML arbitrario por medio de vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01183265 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01183597 http://osvdb.org/37603 http://secunia.com/advisories/27067 http://www.securityfocus.com/bid/25953 http://www.securitytracker.com/id?1018775 http://www.vupen.com/english/advisories/2007/3387 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5773 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •