Tru64 Security Vulnerabilities
ypbind in Compaq Tru64 4.0F, 4.0G, 5.0A, 5.1 and 5.1A allows remote attackers to cause the process to core dump via certain network packets generated by...
7AI Score
0.002EPSS
portmapper in Compaq Tru64 4.0G and 5.0A allows remote attackers to cause a denial of service via a flood of...
7AI Score
0.002EPSS
Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows attackers to execute arbitrary code via long (1) LANG and (2) LOCPATH environment...
8.2AI Score
0.007EPSS
Compaq Tru64 4.0 d allows remote attackers to cause a denial of service in (1) telnet, (2) FTP, (3) ypbind, (4) rpc.lockd, (5) snmp, (6) ttdbserverd, and possibly other services via a TCP SYN scan, as demonstrated using...
7.1AI Score
0.087EPSS
Unspecified vulnerability in Internet Group Management Protocol (IGMP) of HP Tru64 4.0F through 5.1A allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: this might be the same issue as CVE-2002-2185, but there are insufficient details to be...
6.5AI Score
0.005EPSS
Unknown vulnerability in inetd in HP Tru64 Unix 4.0f through 5.1a allows remote attackers to cause a denial of service via unknown attack...
6.9AI Score
0.007EPSS
ssh on HP Tru64 UNIX 5.1B and 5.1A does not properly handle RSA signatures when digital certificates and RSA keys are used, which could allow local and remote attackers to gain...
7.2AI Score
0.003EPSS
Unspecified vulnerability in the AdvFS showfile command in HP Tru64 UNIX 5.1B-3 and 5.1B-4 allows local users to gain privileges via unspecified...
6.7AI Score
0.0004EPSS
Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified...
6.2AI Score
0.0004EPSS
Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page...
5.7AI Score
0.002EPSS
Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as...
6.5AI Score
0.002EPSS
Unspecified vulnerability in LDAP Module in System Authentication of Open Source Internet Solutions (OSIS) 5.4 running on Tru64 UNIX 4.0G and 4.0F allows remote attackers to gain access to arbitrary files or gain privileges via unknown attack...
7.5AI Score
0.004EPSS
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry....
8.1AI Score
0.164EPSS
Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows remote attackers to identify valid users via unspecified vectors, probably related to timing attacks and...
6.5AI Score
0.12EPSS
PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot...
7.5AI Score
0.05EPSS
formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject...
6.7AI Score
0.044EPSS
Unspecified vulnerability in dop in HP Tru64 UNIX 5.1B-4, 5.1B-3, and 5.1A PK6 allows local users to gain privileges via a large amount of data in the environment, as demonstrated by a long environment...
6.5AI Score
0.0004EPSS
Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and displayed by...
5.7AI Score
0.175EPSS
Buffer overflow in the RFC_START_PROGRAM function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has...
7.7AI Score
0.139EPSS
Buffer overflow in the SYSTEM_CREATE_INSTANCE function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period...
7.7AI Score
0.139EPSS
The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 and 7.00 before 20070109 implements an option for exclusive access to an RFC server, which allows remote attackers to cause a denial of service (client lockout) via unspecified vectors. NOTE: This information is based upon a...
6.6AI Score
0.047EPSS
The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to verify the existence of users and groups on systems and domains via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague...
6.2AI Score
0.035EPSS
Buffer overflow in the RFC_START_GUI function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has...
7.7AI Score
0.139EPSS
Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and PK3(BL24), and 5.1A PK6(BL24), when using IPsec/IKE (Internet Key Exchange) with Certificates, allows remote attackers to gain privileges via unknown attack...
7.3AI Score
0.016EPSS
SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat...
8.6AI Score
0.003EPSS
Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2)...
7.2AI Score
0.048EPSS
The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the "auxewww" argument, a similar issue to...
6.2AI Score
0.0004EPSS
Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5.1A PK6 allows local users to gain root privileges via a long PTHREAD_CONFIG environment...
7.2AI Score
0.001EPSS
Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment)...
7.4AI Score
0.001EPSS
Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in HP HP-UX B.11.00, B.11.11, and B.11.23 running IPSec, HP Jetdirect 635n IPv6/IPsec Print Server, and HP Tru64 UNIX 5.1B-3 and 5.1B-2/PK4, allow remote attackers to cause a denial of service via...
6.9AI Score
0.064EPSS
Unspecified vulnerability in the FTP Daemon (ftpd) for HP Tru64 UNIX 4.0F PK8 and other versions up to HP Tru64 UNIX 5.1B-3, and HP-UX B.11.00, B.11.04, B.11.11, and B.11.23, allows remote authenticated users to cause a denial of service...
6.2AI Score
0.004EPSS
The Software Development Kit (SDK) and Run Time Environment (RTE) 1.4.1 and 1.4.2 for Tru64 UNIX allows remote attackers to cause a denial of service (Java Virtual Machine hang) via object...
7AI Score
0.005EPSS
inetd in Compaq Tru64 UNIX 5.1 allows attackers to cause a denial of service (network connection loss) by causing one of the services handled by inetd to core dump during startup, which causes inetd to stop accepting connections to all of its...
6.8AI Score
0.004EPSS
Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows attackers to execute arbitrary code via a long _XKB_CHARSET environment variable to (1) dxpause, (2) dxconsole, or (3)...
8.1AI Score
0.023EPSS
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6)...
7.2AI Score
0.001EPSS
Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9)...
8.1AI Score
0.04EPSS
Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to cause a denial of...
6.6AI Score
0.0004EPSS
Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary...
7.7AI Score
0.0004EPSS
Buffer overflow in quot in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain...
7.2AI Score
0.0004EPSS
Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long -p argument to dtprintinfo, (3) a long -customization argument to dxterm, or (4) a long DISPLAY environment variable to...
7.8AI Score
0.001EPSS
Buffer overflow in binmail in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain...
7.2AI Score
0.0004EPSS
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to execute arbitrary code via (1) msgchk or (2)...
7.9AI Score
0.0004EPSS
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain privileges via (1) lpc, (2) lpd, (3) lpq, (4) lpr, or (5)...
7.2AI Score
0.0004EPSS
Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary...
7.7AI Score
0.0004EPSS
Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to...
7.8AI Score
0.0004EPSS
Buffer overflow in ps in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain...
7.2AI Score
0.0004EPSS
Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain...
7.2AI Score
0.001EPSS
Unknown vulnerability in the systems message queue in HP Tru64 Unix 4.0F PK8 through 5.1B-2/PK4 allows local users to cause a denial of service (process crash) for processes such as nfsstat, pfstat, arp, ogated, rarpd, route, sendmail, srconfig, strsetup, trpt, netstat, and...
6.6AI Score
0.0004EPSS
The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring...
7.2AI Score
0.009EPSS
Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's...
6.8AI Score
0.002EPSS