CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30903
https://notcve.org/view.php?id=CVE-2023-30903
HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6. • https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbux04474en_us •
CVSS: 5.8EPSS: 2%CPEs: 2EXPL: 0CVE-2012-0126
https://notcve.org/view.php?id=CVE-2012-0126
Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.11 and 11.23 allows remote attackers to obtain access to diagnostic information via unknown vectors, a related issue to CVE-2012-0125. Vulnerabilidad no especificada en la implementación de WBEM en HP HP-UX v11.11 y v11.23, permite a atacantes remotos obtener acceso a la información de diagnóstico a través de vectores desconocidos, una cuestión relacionada con CVE-2012-0125. • http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03221589 http://secunia.com/advisories/48593 http://www.securityfocus.com/bid/52734 http://www.securitytracker.com/id?1026849 https://exchange.xforce.ibmcloud.com/vulnerabilities/74390 •
CVSS: 6.2EPSS: 0%CPEs: 70EXPL: 0CVE-2008-4413
https://notcve.org/view.php?id=CVE-2008-4413
Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 and B.11.23, and SMH 2.2.6 and 2.2.8 and earlier on HP-UX B.11.23 and B.11.31, allows local users to gain "unauthorized access" via unknown vectors, possibly related to temporary file permissions. Vulnerabilidad no especificada en HP System Management Homepage (SMH) v2.2.6 y anteriores en HP-UX B.11.11 y B.11.23, y SMH 2.2.6 y 2.2.8 y anteriores en HP-UX B.11.23 y B.11.31; permite a usuarios locales obtener "acceso no autorizado" a través de vectores desconocidos. Puede que esté relacionado con los permisos de los ficheros temporales. • http://marc.info/?l=bugtraq&m=122581539223159&w=2 http://osvdb.org/49521 http://secunia.com/advisories/32544 http://securityreason.com/securityalert/4545 http://www.securitytracker.com/id?1021133 http://www.vupen.com/english/advisories/2008/2999 https://exchange.xforce.ibmcloud.com/vulnerabilities/46313 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2008-1668
https://notcve.org/view.php?id=CVE-2008-1668
ftpd.c in (1) wu-ftpd 2.4.2 and (2) ftpd in HP HP-UX B.11.11 assigns uid 0 to the FTP client in certain operating-system misconfigurations in which PAM authentication can succeed even though no passwd entry is available for a user, which allows remote attackers to gain privileges, as demonstrated by a login attempt for an LDAP account when nsswitch.conf does not specify LDAP for passwd information. El archivo ftpd.c en (1) wu-ftpd versiones 2.4.2 y (2) ftpd en HP-UX de HP versión B.11.11, asigna uid 0 al cliente FTP en ciertas configuraciones erróneas del sistema operativo en las que la autenticación PAM puede tener éxito aunque no hay ninguna entrada de passwd disponible para un usuario, lo que permite a los atacantes remotos alcanzar privilegios, como es demostrado por un intento de inicio de sesión para una cuenta LDAP cuando nsswitch.conf no especifica LDAP para la información de passwd. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01525562 http://secunia.com/advisories/31471 http://www.openwall.com/lists/oss-security/2008/08/20/4 http://www.securityfocus.com/bid/30666 http://www.securitytracker.com/id?1020682 http://www.vupen.com/english/advisories/2008/2364 https://exchange.xforce.ibmcloud.com/vulnerabilities/44414 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5971 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2008-1660
https://notcve.org/view.php?id=CVE-2008-1660
Unspecified vulnerability in useradd on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unspecified vectors. Vulnerabilidad no especificada en useradd de HP-UX B.11.11, B.11.23 y B.11.31, permite a usuarios locales acceder a archivos arbitrariamente a través de vectores no especificados. • http://marc.info/?l=bugtraq&m=121130252706976&w=2 http://secunia.com/advisories/30308 http://securitytracker.com/id?1020045 http://www.securityfocus.com/bid/29286 http://www.vupen.com/english/advisories/2008/1570 https://exchange.xforce.ibmcloud.com/vulnerabilities/42523 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5558 •