CVSS: 7.5EPSS: 5%CPEs: 252EXPL: 0CVE-2004-0079
https://notcve.org/view.php?id=CVE-2004-0079
18 Mar 2004 — The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. La función do_change_cipher_spec en OpenSSL 0.9.6c hasta 0.9.6.k y 0.9.7a hasta 0.9.7c permite que atacantes remotos provoquen una denegación de servicio (caída) mediante una hábil unión SSL/TLS que provoca un puntero nulo. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 3%CPEs: 252EXPL: 0CVE-2004-0081
https://notcve.org/view.php?id=CVE-2004-0081
18 Mar 2004 — OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. OpenSSL 0.9.6 anteriores a la 0.9.6d no manejan adecuadamente los tipos de mensajes desconocidos, lo que permite a atacantes remotos causar una denegación de servicios (por bucle infinito), como se demuestra utilizando la herramienta de testeo Codenomicon TLS. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt •
CVSS: 7.5EPSS: 0%CPEs: 245EXPL: 0CVE-2004-0112
https://notcve.org/view.php?id=CVE-2004-0112
18 Mar 2004 — The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. El código que une SSL/TLS en OpenSSL 0.9.7a, 0.9.7b y 0.9.7c, usando Kerberos, no comprueba adecuadamente la longitud de los tickets de Kerberos, lo que permite que atacantes remotos provoquen una dene... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 2CVE-2003-1358 – HP-UX 10.x - rs.F3000 Unauthorized Access
https://notcve.org/view.php?id=CVE-2003-1358
31 Dec 2003 — rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program. • https://www.exploit-db.com/exploits/22248 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 3CVE-2003-1359 – HP-UX 10.x - stmkfont Alternate Typeface Library Buffer Overflow
https://notcve.org/view.php?id=CVE-2003-1359
31 Dec 2003 — Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument. • https://www.exploit-db.com/exploits/22246 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2003-1360
https://notcve.org/view.php?id=CVE-2003-1360
31 Dec 2003 — Buffer overflow in the setupterm function of (1) lanadmin and (2) landiag programs of HP-UX 10.0 through 10.34 allows local users to execute arbitrary code via a long TERM environment variable. • http://securityreason.com/securityalert/3236 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 82%CPEs: 111EXPL: 2CVE-2003-0161 – Sendmail 8.12.8 (BSD) - 'Prescan()' Remote Command Execution
https://notcve.org/view.php?id=CVE-2003-0161
01 Apr 2003 — The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. • https://www.exploit-db.com/exploits/24 •
CVSS: 7.5EPSS: 1%CPEs: 15EXPL: 0CVE-2002-2262
https://notcve.org/view.php?id=CVE-2002-2262
31 Dec 2002 — Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors. • http://www.securityfocus.com/advisories/4764 •
CVSS: 10.0EPSS: 91%CPEs: 43EXPL: 9CVE-2001-0797 – System V Derived /bin/login - Extraneous Arguments Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0797
12 Dec 2001 — Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. Desbordamiento de búfer en la entrada a varios sistemas operativos basados en System V, permite a atacantes remotos la ejecución de comandos arbitrarios mediante un gran número de argumentos a través de servicios como telnet y rlogin. • https://www.exploit-db.com/exploits/16928 •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0772
https://notcve.org/view.php?id=CVE-2001-0772
12 Oct 2001 — Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges. • http://archives.neohapsis.com/archives/hp/2001-q2/0044.html •