Search criteria
99 vulnerabilities found for tru64 by hp
VAR-200704-0046
Vulnerability from variot - Updated: 2023-12-18 12:39Buffer overflow in the RFC_START_GUI function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. An attacker could exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
Secunia customers receive relevant and filtered advisories. Delivery is done via different channels including SMS, Email, Web, and https based XML feed. http://corporate.secunia.com/trial/38/request/
TITLE: SAP RFC Library Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA24722
VERIFY ADVISORY: http://secunia.com/advisories/24722/
CRITICAL: Moderately critical
IMPACT: Exposure of sensitive information, DoS, System access
WHERE:
From local network
SOFTWARE: SAP RFC Library 7.x http://secunia.com/product/13851/ SAP RFC Library 6.x http://secunia.com/product/13850/
DESCRIPTION: Mariano Nu\xf1ez Di Croce has reported some vulnerabilities in SAP RFC Library, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and compromise a vulnerable system.
1) The "RFC_SET_REG_SERVER_PROPERTY" RFC function allows to define the exclusive use of the RFC Server. This can be exploited to cause a DoS by denying access to other clients.
4) Two unspecified errors exist within the "RFC_START_PROGRAM" RFC function.
5) An error within the "TRUSTED_SYSTEM_SECURITY" function can be exploited to gain knowledge about existing user accounts and groups on a RFC server.
The vulnerabilities are reported in SAP RFC Library versions 6.40 and 7.00. Other versions may also be affected.
SOLUTION: Reportedly, SAP released patches.
PROVIDED AND/OR DISCOVERED BY: Mariano Nu\xf1ez Di Croce
ORIGINAL ADVISORY: http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_SET_REG_SERVER_PROPERTY_RFC_Function_Denial_of_Service.pdf http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_START_GUI_RFC_Function_Buffer_Overflow.pdf http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_START_PROGRAM_RFC_Function_Multiple_Vulnerabilities.pdf http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_SYSTEM_CREATE_INSTANCE_RFC_Function_Buffer_Overflow.pdf http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_TRUSTED_SYSTEM_SECURITY_RFC_Function_Information_Disclosure.pdf
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200704-0046",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rfc library",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.0"
},
{
"model": "rfc library",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "6.4"
},
{
"model": "rfc library",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "6.40 20061211"
},
{
"model": "rfc library",
"scope": "lt",
"trust": 0.8,
"vendor": "sap",
"version": "7.00"
},
{
"model": "tru64",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": null,
"trust": 0.6,
"vendor": "apple",
"version": null
},
{
"model": "rfc library",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.00"
},
{
"model": "rfc library",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "6.40"
}
],
"sources": [
{
"db": "BID",
"id": "23304"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-005367"
},
{
"db": "NVD",
"id": "CVE-2007-1916"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-168"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ibm:os_400:gold:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:ibm:os_400:v5r2m0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:hp:tru64:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:ibm:racf:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:ia32_64-bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:siemens:reliant_unix:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:rfc_library:6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:rfc_library:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1916"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mariano Nu\u0026ntilde;ez Di Croce\u203b mnunez@cybsec.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200704-168"
}
],
"trust": 0.6
},
"cve": "CVE-2007-1916",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2007-1916",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-25278",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-1916",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200704-168",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-25278",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25278"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-005367"
},
{
"db": "NVD",
"id": "CVE-2007-1916"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-168"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the RFC_START_GUI function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. \nAn attacker could exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. \n\n----------------------------------------------------------------------\n\nSecunia customers receive relevant and filtered advisories. \nDelivery is done via different channels including SMS, Email, Web,\nand https based XML feed. \nhttp://corporate.secunia.com/trial/38/request/\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP RFC Library Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA24722\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/24722/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nExposure of sensitive information, DoS, System access\n\nWHERE:\n\u003eFrom local network\n\nSOFTWARE:\nSAP RFC Library 7.x\nhttp://secunia.com/product/13851/\nSAP RFC Library 6.x\nhttp://secunia.com/product/13850/\n\nDESCRIPTION:\nMariano Nu\\xf1ez Di Croce has reported some vulnerabilities in SAP RFC\nLibrary, which can be exploited by malicious people to disclose\npotentially sensitive information, cause a DoS (Denial of Service),\nand compromise a vulnerable system. \n\n1) The \"RFC_SET_REG_SERVER_PROPERTY\" RFC function allows to define\nthe exclusive use of the RFC Server. This can be exploited to cause a\nDoS by denying access to other clients. \n\n4) Two unspecified errors exist within the \"RFC_START_PROGRAM\" RFC\nfunction. \n\n5) An error within the \"TRUSTED_SYSTEM_SECURITY\" function can be\nexploited to gain knowledge about existing user accounts and groups\non a RFC server. \n\nThe vulnerabilities are reported in SAP RFC Library versions 6.40 and\n7.00. Other versions may also be affected. \n\nSOLUTION:\nReportedly, SAP released patches. \n\nPROVIDED AND/OR DISCOVERED BY:\nMariano Nu\\xf1ez Di Croce\n\nORIGINAL ADVISORY:\nhttp://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_SET_REG_SERVER_PROPERTY_RFC_Function_Denial_of_Service.pdf\nhttp://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_START_GUI_RFC_Function_Buffer_Overflow.pdf\nhttp://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_START_PROGRAM_RFC_Function_Multiple_Vulnerabilities.pdf\nhttp://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_SYSTEM_CREATE_INSTANCE_RFC_Function_Buffer_Overflow.pdf\nhttp://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_TRUSTED_SYSTEM_SECURITY_RFC_Function_Information_Disclosure.pdf\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1916"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-005367"
},
{
"db": "BID",
"id": "23304"
},
{
"db": "VULHUB",
"id": "VHN-25278"
},
{
"db": "PACKETSTORM",
"id": "55699"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-1916",
"trust": 2.5
},
{
"db": "BID",
"id": "23304",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "24722",
"trust": 1.8
},
{
"db": "SREASON",
"id": "2537",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-1270",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-005367",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200704-168",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-25278",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "55699",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25278"
},
{
"db": "BID",
"id": "23304"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-005367"
},
{
"db": "PACKETSTORM",
"id": "55699"
},
{
"db": "NVD",
"id": "CVE-2007-1916"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-168"
}
]
},
"id": "VAR-200704-0046",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-25278"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:39:52.593000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.sap.com/index.epx"
},
{
"title": "SAP RFC_START_GUI RFC Fixes for function buffer error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=163494"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-005367"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-168"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1916"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.cybsec.com/vuln/cybsec-security_advisory_sap_rfc_start_gui_rfc_function_buffer_overflow.pdf"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/23304"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/464680/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/24722"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/2537"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/1270"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33420"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1916"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-1916"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13850/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/trial/38/request/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13851/"
},
{
"trust": 0.1,
"url": "http://www.cybsec.com/vuln/cybsec-security_advisory_sap_trusted_system_security_rfc_function_information_disclosure.pdf"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/24722/"
},
{
"trust": 0.1,
"url": "http://www.cybsec.com/vuln/cybsec-security_advisory_sap_system_create_instance_rfc_function_buffer_overflow.pdf"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.cybsec.com/vuln/cybsec-security_advisory_sap_rfc_set_reg_server_property_rfc_function_denial_of_service.pdf"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.cybsec.com/vuln/cybsec-security_advisory_sap_rfc_start_program_rfc_function_multiple_vulnerabilities.pdf"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25278"
},
{
"db": "BID",
"id": "23304"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-005367"
},
{
"db": "PACKETSTORM",
"id": "55699"
},
{
"db": "NVD",
"id": "CVE-2007-1916"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-168"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-25278"
},
{
"db": "BID",
"id": "23304"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-005367"
},
{
"db": "PACKETSTORM",
"id": "55699"
},
{
"db": "NVD",
"id": "CVE-2007-1916"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-168"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-04-10T00:00:00",
"db": "VULHUB",
"id": "VHN-25278"
},
{
"date": "2007-04-04T00:00:00",
"db": "BID",
"id": "23304"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-005367"
},
{
"date": "2007-04-07T19:35:58",
"db": "PACKETSTORM",
"id": "55699"
},
{
"date": "2007-04-10T23:19:00",
"db": "NVD",
"id": "CVE-2007-1916"
},
{
"date": "2007-04-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200704-168"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-25278"
},
{
"date": "2007-04-05T17:12:00",
"db": "BID",
"id": "23304"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-005367"
},
{
"date": "2021-09-22T14:22:17.447000",
"db": "NVD",
"id": "CVE-2007-1916"
},
{
"date": "2021-09-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200704-168"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200704-168"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP RFC Library of RFC_START_GUI Buffer overflow vulnerability in functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-005367"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200704-168"
}
],
"trust": 0.6
}
}
VAR-199708-0008
Vulnerability from variot - Updated: 2023-12-18 11:28ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. McAfee Data Loss Prevention (DLP) is a set of data loss prevention solutions from McAfee. The solution protects intellectual property and ensures compliance by protecting the environment in which sensitive data resides (on-premise, in the cloud, or on the endpoint). Cross-site scripting vulnerabilities and cross-site request forgery vulnerabilities exist in McAfee DLP. When the user browses the affected website, his browser will execute any script code provided by the attacker, which may cause the attacker to steal cookie-based authentication, perform unauthorized operations, leak or modify sensitive information, or other forms may exist. s attack. Other attacks may also be possible
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-199708-0008",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "kernel",
"scope": "eq",
"trust": 1.0,
"vendor": "linux",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "netware",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": null
},
{
"model": "macos",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": null
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": null
},
{
"model": "os2",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": null
},
{
"model": "bsdos",
"scope": "eq",
"trust": 1.0,
"vendor": "windriver",
"version": null
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "unix",
"scope": "eq",
"trust": 1.0,
"vendor": "sco",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": null
},
{
"model": "kernel",
"scope": null,
"trust": 0.6,
"vendor": "linux",
"version": null
},
{
"model": "network data loss prevention",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.2"
},
{
"model": "network data loss prevention",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.1"
},
{
"model": "network data loss prevention",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.0"
},
{
"model": "network data loss prevention",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "8.6"
},
{
"model": "network data loss prevention",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3"
}
],
"sources": [
{
"db": "BID",
"id": "61811"
},
{
"db": "NVD",
"id": "CVE-1999-0524"
},
{
"db": "CNNVD",
"id": "CNNVD-199708-003"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:-:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:novell:netware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:windriver:bsdos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:os2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:tru64:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sco:sco_unix:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-0524"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ANZ Bank, BAE Systems, Graham Bell of Stratsec.Detica, Jamie Ooi, DirecTV, Xylinx, and Telstra",
"sources": [
{
"db": "BID",
"id": "61811"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-265"
}
],
"trust": 0.9
},
"cve": "CVE-1999-0524",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-522",
"impactScore": 0.0,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-1999-0524",
"trust": 1.0,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-199708-003",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-522",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-522"
},
{
"db": "NVD",
"id": "CVE-1999-0524"
},
{
"db": "CNNVD",
"id": "CNNVD-199708-003"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. McAfee Data Loss Prevention (DLP) is a set of data loss prevention solutions from McAfee. The solution protects intellectual property and ensures compliance by protecting the environment in which sensitive data resides (on-premise, in the cloud, or on the endpoint). \nCross-site scripting vulnerabilities and cross-site request forgery vulnerabilities exist in McAfee DLP. When the user browses the affected website, his browser will execute any script code provided by the attacker, which may cause the attacker to steal cookie-based authentication, perform unauthorized operations, leak or modify sensitive information, or other forms may exist. s attack. Other attacks may also be possible",
"sources": [
{
"db": "NVD",
"id": "CVE-1999-0524"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-265"
},
{
"db": "BID",
"id": "61811"
},
{
"db": "VULHUB",
"id": "VHN-522"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "MCAFEE",
"id": "SB10053",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-1999-0524",
"trust": 1.7
},
{
"db": "JUNIPER",
"id": "JSA10705",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "95",
"trust": 1.7
},
{
"db": "BID",
"id": "61811",
"trust": 0.9
},
{
"db": "CNNVD",
"id": "CNNVD-199708-003",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201308-265",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-522",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-522"
},
{
"db": "BID",
"id": "61811"
},
{
"db": "NVD",
"id": "CVE-1999-0524"
},
{
"db": "CNNVD",
"id": "CNNVD-199708-003"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-265"
}
]
},
"id": "VAR-199708-0008",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-522"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:28:35.912000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.1
},
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-522"
},
{
"db": "NVD",
"id": "CVE-1999-0524"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10053"
},
{
"trust": 1.7,
"url": "http://descriptions.securescout.com/tc/11010"
},
{
"trust": 1.7,
"url": "http://descriptions.securescout.com/tc/11011"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/95"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/306"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/322"
},
{
"trust": 1.6,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10705"
},
{
"trust": 1.6,
"url": "http://kb.vmware.com/selfservice/microsites/search.do?cmd=displaykc\u0026externalid=1434"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/61811"
},
{
"trust": 0.3,
"url": "http://www.mcafee.com/us/products/data-protection/data-loss-prevention.aspx"
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10705"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10053"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/selfservice/microsites/search.do?cmd=displaykc\u0026amp;externalid=1434"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-522"
},
{
"db": "BID",
"id": "61811"
},
{
"db": "NVD",
"id": "CVE-1999-0524"
},
{
"db": "CNNVD",
"id": "CNNVD-199708-003"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-265"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-522"
},
{
"db": "BID",
"id": "61811"
},
{
"db": "NVD",
"id": "CVE-1999-0524"
},
{
"db": "CNNVD",
"id": "CNNVD-199708-003"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-265"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "1997-08-01T00:00:00",
"db": "VULHUB",
"id": "VHN-522"
},
{
"date": "2013-08-13T00:00:00",
"db": "BID",
"id": "61811"
},
{
"date": "1997-08-01T04:00:00",
"db": "NVD",
"id": "CVE-1999-0524"
},
{
"date": "1997-08-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199708-003"
},
{
"date": "2013-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201308-265"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-522"
},
{
"date": "2013-08-13T00:00:00",
"db": "BID",
"id": "61811"
},
{
"date": "2022-11-14T19:33:21.037000",
"db": "NVD",
"id": "CVE-1999-0524"
},
{
"date": "2022-11-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199708-003"
},
{
"date": "2013-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201308-265"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199708-003"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linux kernel Information disclosure vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199708-003"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199708-003"
}
],
"trust": 0.6
}
}
VAR-200511-0016
Vulnerability from variot - Updated: 2022-05-29 20:09Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in HP HP-UX B.11.00, B.11.11, and B.11.23 running IPSec, HP Jetdirect 635n IPv6/IPsec Print Server, and HP Tru64 UNIX 5.1B-3 and 5.1B-2/PK4, allow remote attackers to cause a denial of service via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the HP advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ I SAKMP (Internet Security Association and Key Management Protocol) Authentication, key management, and SA (security association) of 3 A collective term for multiple protocols. ISAKMP Derived from IKE Is IPSec Key exchange protocol for encrypted communication. In many environments IKEv1 Is used. IKE Communication by phase 1 And phase 2 Divided into phases 1 Then establish a secure communication path, ISAKMP SA Called IKE Exchange own messages. In multiple products ISAKMP/IKE Implementation is illegal ISAKMP Phase 1 There is a problem that causes abnormal behavior when receiving this packet because there is a flaw in the processing of the packet. IKE When a deliberately created packet is sent by a remote attacker with specific information for communication by ISAKMP Services or devices that implement the may be in a service outage.Please refer to the “Overview” for the impact of this vulnerability. HP-UX is prone to denial of service vulnerabilities. These issues are due to security flaws in HP's IPSec implementation. These vulnerabilities may be triggered by malformed IKE traffic. This issue was discovered with the PROTOS ISAKMP Test Suite and is related to the handling of malformed IKEv1 traffic.
TITLE: Symantec Firewall/VPN/Gateway ISAKMP Message Processing Denial of Service
SECUNIA ADVISORY ID: SA17684
VERIFY ADVISORY: http://secunia.com/advisories/17684/
CRITICAL: Moderately critical
IMPACT: DoS
WHERE:
From remote
OPERATING SYSTEM: Symantec Gateway Security 400 Series http://secunia.com/product/6175/ Symantec Gateway Security 300 Series http://secunia.com/product/6176/ Symantec Gateway Security 3.x http://secunia.com/product/6177/ Symantec Gateway Security 2.x http://secunia.com/product/3104/ Symantec Gateway Security 1.x http://secunia.com/product/876/ Symantec Firewall/VPN Appliance 100/200/200R http://secunia.com/product/552/
SOFTWARE: Symantec Enterprise Firewall (SEF) 8.x http://secunia.com/product/3587/
DESCRIPTION: Symantec has acknowledged a vulnerability in various Symantec products, which can be exploited by malicious people to cause a DoS (Denial of Service).
For more information: SA17553
Successful exploitation causes a DoS of the dynamic VPN services.
The vulnerability has been reported in the following products.
Symantec Enterprise Firewall version 8.0 (Windows): Apply SEF8.0-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8/files.html
Symantec Enterprise Firewall version 8.0 (Solaris): Apply SEF8.0-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8_sol/files.html
Symantec Gateway Security 5000 Series version 3.0: Apply SGS3.0-2005114-02. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_5600_3/files.html
Symantec Gateway Security 5400 version 2.0.1: Apply SGS2.0.1-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_201_5400/files.html
Symantec Gateway Security 5310 version 1.0: Apply SG7004-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5310/files.html
Symantec Gateway Security 5200/5300 version 1.0: Apply SG7004-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_52005300/files.html
Symantec Gateway Security 5100: Apply SG7004-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5110/files.html
Symantec Gateway Security 400 version 2.0: Update to build 1103. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_2_400/files.html
Symantec Gateway Security 300 version 2.0: Update to build 1103. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_300s_2/files.html
Symantec Firewall /VPN Appliance 200/200R: Update to build 1.8F. http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200r/files.html
Symantec Firewall /VPN Appliance 100: Update to build 1.8F. http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_100/files.html
ORIGINAL ADVISORY: Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html
OTHER REFERENCES: SA17553: http://secunia.com/advisories/17553/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200511-0016",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tru64",
"scope": "eq",
"trust": 1.6,
"vendor": "hp",
"version": "5.1b1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.6,
"vendor": "hp",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.6,
"vendor": "hp",
"version": "11.00"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.6,
"vendor": "hp",
"version": "5.1b3"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.6,
"vendor": "hp",
"version": "11.23"
},
{
"model": "jetdirect 635n",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "check point",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openswan linux ipsec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "qnx",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.4"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.3"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "enterprise firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "5.2"
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "ng with application intelligence (r54)"
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "ng with application intelligence (r55)"
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "ng with application intelligence (r55w)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "jetdirect 635n",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "security gateway rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "clavister",
"version": "8.60.01"
},
{
"model": "security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "clavister",
"version": "8.50.02"
},
{
"model": "security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "clavister",
"version": "8.40.05"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "clavister",
"version": "8.30.01"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "tru64 b-2 pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#226364"
},
{
"db": "BID",
"id": "15560"
},
{
"db": "BID",
"id": "17030"
},
{
"db": "BID",
"id": "15474"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000682"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-250"
},
{
"db": "NVD",
"id": "CVE-2005-3670"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:hp:jetdirect_635n:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.23:*:ia64_64-bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:tru64:5.1b1:pk4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:tru64:5.1b3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3670"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery is credited to NISCC, CERT-FI, and the Oulu University Secure Programming Group.",
"sources": [
{
"db": "BID",
"id": "15560"
},
{
"db": "BID",
"id": "17030"
},
{
"db": "BID",
"id": "15474"
}
],
"trust": 0.9
},
"cve": "CVE-2005-3670",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/severity#"
},
"@id": "https://www.variotdbs.pl/ref/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-3670",
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.8,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-3670",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#226364",
"trust": 0.8,
"value": "16.54"
},
{
"author": "CNNVD",
"id": "CNNVD-200511-250",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#226364"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000682"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-250"
},
{
"db": "NVD",
"id": "CVE-2005-3670"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in HP HP-UX B.11.00, B.11.11, and B.11.23 running IPSec, HP Jetdirect 635n IPv6/IPsec Print Server, and HP Tru64 UNIX 5.1B-3 and 5.1B-2/PK4, allow remote attackers to cause a denial of service via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the HP advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ I SAKMP (Internet Security Association and Key Management Protocol) Authentication, key management, and SA (security association) of 3 A collective term for multiple protocols. ISAKMP Derived from IKE Is IPSec Key exchange protocol for encrypted communication. In many environments IKEv1 Is used. IKE Communication by phase 1 And phase 2 Divided into phases 1 Then establish a secure communication path, ISAKMP SA Called IKE Exchange own messages. In multiple products ISAKMP/IKE Implementation is illegal ISAKMP Phase 1 There is a problem that causes abnormal behavior when receiving this packet because there is a flaw in the processing of the packet. IKE When a deliberately created packet is sent by a remote attacker with specific information for communication by ISAKMP Services or devices that implement the may be in a service outage.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. HP-UX is prone to denial of service vulnerabilities. These issues are due to security flaws in HP\u0027s IPSec implementation. These vulnerabilities may be triggered by malformed IKE traffic. \nThis issue was discovered with the PROTOS ISAKMP Test Suite and is related to the handling of malformed IKEv1 traffic. \n\nTITLE:\nSymantec Firewall/VPN/Gateway ISAKMP Message Processing Denial of\nService\n\nSECUNIA ADVISORY ID:\nSA17684\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/17684/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nSymantec Gateway Security 400 Series\nhttp://secunia.com/product/6175/\nSymantec Gateway Security 300 Series\nhttp://secunia.com/product/6176/\nSymantec Gateway Security 3.x\nhttp://secunia.com/product/6177/\nSymantec Gateway Security 2.x\nhttp://secunia.com/product/3104/\nSymantec Gateway Security 1.x\nhttp://secunia.com/product/876/\nSymantec Firewall/VPN Appliance 100/200/200R\nhttp://secunia.com/product/552/\n\nSOFTWARE:\nSymantec Enterprise Firewall (SEF) 8.x\nhttp://secunia.com/product/3587/\n\nDESCRIPTION:\nSymantec has acknowledged a vulnerability in various Symantec\nproducts, which can be exploited by malicious people to cause a DoS\n(Denial of Service). \n\nFor more information:\nSA17553\n\nSuccessful exploitation causes a DoS of the dynamic VPN services. \n\nThe vulnerability has been reported in the following products. \n\nSymantec Enterprise Firewall version 8.0 (Windows):\nApply SEF8.0-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8/files.html\n\nSymantec Enterprise Firewall version 8.0 (Solaris):\nApply SEF8.0-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8_sol/files.html\n\nSymantec Gateway Security 5000 Series version 3.0:\nApply SGS3.0-2005114-02. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_5600_3/files.html\n\nSymantec Gateway Security 5400 version 2.0.1:\nApply SGS2.0.1-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_201_5400/files.html\n\nSymantec Gateway Security 5310 version 1.0:\nApply SG7004-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5310/files.html\n\nSymantec Gateway Security 5200/5300 version 1.0:\nApply SG7004-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_52005300/files.html\n\nSymantec Gateway Security 5100:\nApply SG7004-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5110/files.html\n\nSymantec Gateway Security 400 version 2.0:\nUpdate to build 1103. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_2_400/files.html\n\nSymantec Gateway Security 300 version 2.0:\nUpdate to build 1103. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_300s_2/files.html\n\nSymantec Firewall /VPN Appliance 200/200R:\nUpdate to build 1.8F. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200r/files.html\n\nSymantec Firewall /VPN Appliance 100:\nUpdate to build 1.8F. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_100/files.html\n\nORIGINAL ADVISORY:\nSymantec:\nhttp://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html\n\nOTHER REFERENCES:\nSA17553:\nhttp://secunia.com/advisories/17553/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3670"
},
{
"db": "CERT/CC",
"id": "VU#226364"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000682"
},
{
"db": "BID",
"id": "15560"
},
{
"db": "BID",
"id": "17030"
},
{
"db": "BID",
"id": "15474"
},
{
"db": "PACKETSTORM",
"id": "41734"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-3670",
"trust": 3.3
},
{
"db": "CERT/CC",
"id": "VU#226364",
"trust": 3.2
},
{
"db": "BID",
"id": "15474",
"trust": 2.7
},
{
"db": "BID",
"id": "17030",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "17621",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1015229",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1015227",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1015727",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2005-2462",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2006-0880",
"trust": 1.6
},
{
"db": "BID",
"id": "15471",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "19174",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "17598",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "17684",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "17663",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "17838",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "17553",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "17608",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "17668",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2005.0924",
"trust": 0.8
},
{
"db": "BID",
"id": "17902",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000682",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "HPSBPI02078",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:5642",
"trust": 0.6
},
{
"db": "HP",
"id": "SSRT050979",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200511-250",
"trust": 0.6
},
{
"db": "BID",
"id": "15560",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "41734",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#226364"
},
{
"db": "BID",
"id": "15560"
},
{
"db": "BID",
"id": "17030"
},
{
"db": "BID",
"id": "15474"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000682"
},
{
"db": "PACKETSTORM",
"id": "41734"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-250"
},
{
"db": "NVD",
"id": "CVE-2005-3670"
}
]
},
"id": "VAR-200511-0016",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2022-05-29T20:09:53.039000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20051114-ipsec",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml"
},
{
"title": "HPSBUX02076",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00555601"
},
{
"title": "HPSBUX02076",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux02076.html"
},
{
"title": "PSN-2005-11-007",
"trust": 0.8,
"url": "http://www.juniper.net/support/security/alerts/psn-2005-11-007.txt"
},
{
"title": "AXSA-2006-65:1",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=362"
},
{
"title": "RHSA-2006:0267",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2006-0267.html"
},
{
"title": "102246",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102246-1"
},
{
"title": "102246",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102246-3"
},
{
"title": "SYM05-025",
"trust": 0.8,
"url": "http://securityresponse.symantec.com/avcenter/security/content/2005.11.21.html"
},
{
"title": "cisco-sa-20051114-ipsec",
"trust": 0.8,
"url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20051114-ipsec-j.shtml"
},
{
"title": "SYM05-025",
"trust": 0.8,
"url": "http://www.symantec.com/region/jp/avcenter/security/content/2005.11.21.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.checkpoint.co.jp/"
},
{
"title": "RHSA-2006:0267",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2006-0267j.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000682"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3670"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
},
{
"trust": 3.2,
"url": "http://jvn.jp/niscc/niscc-273756/index.html"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/15474"
},
{
"trust": 2.4,
"url": "http://www.kb.cert.org/vuls/id/226364"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/17621/"
},
{
"trust": 1.6,
"url": "http://www.kb.cert.org/vuls/id/mimg-6j6qs4"
},
{
"trust": 1.6,
"url": "http://securitytracker.com/id?1015727"
},
{
"trust": 1.6,
"url": "http://securitytracker.com/id?1015229"
},
{
"trust": 1.6,
"url": "http://securitytracker.com/id?1015227"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/19174"
},
{
"trust": 1.6,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1141762289787+28353475\u0026docid=c00602119"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/17030"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/15471"
},
{
"trust": 1.6,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/17598"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/0880"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2005/2462"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5642"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/17553/"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/17684/"
},
{
"trust": 0.8,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp"
},
{
"trust": 0.8,
"url": "http://www.ficora.fi/suomi/tietoturva/varoitukset/varoitus-2005-82.htm"
},
{
"trust": 0.8,
"url": "http://www.auscert.org.au/5748"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/17608/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/17668/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/17663/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/17838/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-3670"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20051114-01014.xml"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-3670"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20051114-01014.pdf?lang=en"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/17902"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/2005/20051118_193244.html"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/0880"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2005/2462"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5642"
},
{
"trust": 0.3,
"url": "https://clientweb.clavister.com/"
},
{
"trust": 0.3,
"url": "http://www.clavister.com/"
},
{
"trust": 0.3,
"url": "http://lists.clavister.com/archives/cfw-users/msg01852.html"
},
{
"trust": 0.3,
"url": "http://www.clavister.com/support/support_update_isakmp.html"
},
{
"trust": 0.3,
"url": "http://h30097.www3.hp.com/"
},
{
"trust": 0.3,
"url": "/archive/1/427071"
},
{
"trust": 0.3,
"url": "http://www.hp.com/products1/unix/"
},
{
"trust": 0.3,
"url": "http://r.your.hp.com/r/c/r?1.1.hx.dc.w2b6a.candds...dqzg.1mr_.2rqn9k"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8_sol/files.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3104/"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200r/files.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6177/"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_100/files.html"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8/files.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3587/"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5310/files.html"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5110/files.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6175/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6176/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/552/"
},
{
"trust": 0.1,
"url": "http://securityresponse.symantec.com/avcenter/security/content/2005.11.21.html"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_300s_2/files.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/876/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_5600_3/files.html"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_2_400/files.html"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_52005300/files.html"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_201_5400/files.html"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#226364"
},
{
"db": "BID",
"id": "15560"
},
{
"db": "BID",
"id": "17030"
},
{
"db": "BID",
"id": "15474"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000682"
},
{
"db": "PACKETSTORM",
"id": "41734"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-250"
},
{
"db": "NVD",
"id": "CVE-2005-3670"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#226364"
},
{
"db": "BID",
"id": "15560"
},
{
"db": "BID",
"id": "17030"
},
{
"db": "BID",
"id": "15474"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000682"
},
{
"db": "PACKETSTORM",
"id": "41734"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-250"
},
{
"db": "NVD",
"id": "CVE-2005-3670"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-11-17T00:00:00",
"db": "CERT/CC",
"id": "VU#226364"
},
{
"date": "2005-11-24T00:00:00",
"db": "BID",
"id": "15560"
},
{
"date": "2006-03-08T00:00:00",
"db": "BID",
"id": "17030"
},
{
"date": "2005-11-16T00:00:00",
"db": "BID",
"id": "15474"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000682"
},
{
"date": "2005-11-22T18:19:46",
"db": "PACKETSTORM",
"id": "41734"
},
{
"date": "2005-11-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200511-250"
},
{
"date": "2005-11-18T21:03:00",
"db": "NVD",
"id": "CVE-2005-3670"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-01-03T00:00:00",
"db": "CERT/CC",
"id": "VU#226364"
},
{
"date": "2005-11-24T00:00:00",
"db": "BID",
"id": "15560"
},
{
"date": "2007-06-27T20:28:00",
"db": "BID",
"id": "17030"
},
{
"date": "2005-11-16T00:00:00",
"db": "BID",
"id": "15474"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000682"
},
{
"date": "2009-03-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200511-250"
},
{
"date": "2017-10-11T01:30:00",
"db": "NVD",
"id": "CVE-2005-3670"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "15560"
},
{
"db": "BID",
"id": "17030"
},
{
"db": "BID",
"id": "15474"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in Internet Key Exchange (IKE) version 1 implementations",
"sources": [
{
"db": "CERT/CC",
"id": "VU#226364"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "15560"
},
{
"db": "BID",
"id": "17030"
},
{
"db": "BID",
"id": "15474"
}
],
"trust": 0.9
}
}
FKIE_CVE-2008-4414
Vulnerability from fkie_nvd - Published: 2008-11-07 19:35 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the AdvFS showfile command in HP Tru64 UNIX 5.1B-3 and 5.1B-4 allows local users to gain privileges via unspecified vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:tru64:5.1b3:*:*:*:*:*:*:*",
"matchCriteriaId": "E02E8BEA-D9EC-4375-917F-BAF20CA79FD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:5.1b4:*:*:*:*:*:*:*",
"matchCriteriaId": "AE9742A9-4703-42E9-A1FD-B831087DC955",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the AdvFS showfile command in HP Tru64 UNIX 5.1B-3 and 5.1B-4 allows local users to gain privileges via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no espec\u00edfica en el comando showfile AdvFS en HP Tru64 UNIX v5.1B-3 y 5.1B-4 permite a usuarios locales para obtener privilegios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2008-4414",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-11-07T19:35:55.883",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=122600765224240\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/32621"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/4567"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/alerts/2008/Nov/1021152.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/32160"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3050"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=122600765224240\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/4567"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/alerts/2008/Nov/1021152.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/32160"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46414"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-6519
Vulnerability from fkie_nvd - Published: 2007-12-24 20:46 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:tru64:5.1b3:*:*:*:*:*:*:*",
"matchCriteriaId": "E02E8BEA-D9EC-4375-917F-BAF20CA79FD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:5.1b4:*:*:*:*:*:*:*",
"matchCriteriaId": "AE9742A9-4703-42E9-A1FD-B831087DC955",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en File-on-File Mounting File System (FFM) en HP Tru64 UNIX 5.1B-4 y 5.1B-3 permite a usuarios locales provocar denegaci\u00f3n de servicio (caida de demonio) a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2007-6519",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-12-24T20:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01310389"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/28192"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/26964"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019135"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/4293"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01310389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/28192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/26964"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/4293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39172"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-2791
Vulnerability from fkie_nvd - Published: 2007-05-22 00:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows remote attackers to identify valid users via unspecified vectors, probably related to timing attacks and AuthInteractiveFailureRandomTimeout.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:tru64:5.1b3:*:*:*:*:*:*:*",
"matchCriteriaId": "E02E8BEA-D9EC-4375-917F-BAF20CA79FD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:5.1b4:*:*:*:*:*:*:*",
"matchCriteriaId": "AE9742A9-4703-42E9-A1FD-B831087DC955",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows remote attackers to identify valid users via unspecified vectors, probably related to timing attacks and AuthInteractiveFailureRandomTimeout."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Secure Shell (SSH) en HP Tru64 UNIX 5.1B-4 y 5.1B-3 permite a atacantes remotos identificar usuarios v\u00e1lidos a trav\u00e9s de vectores no especificados, posiblemente relacionados con ataques oportunos y AuthInteractiveFailureRandomTimeout."
}
],
"id": "CVE-2007-2791",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-22T00:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01007552"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36204"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24036"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/24021"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018065"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1851"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01007552"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24036"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/24021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1851"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34329"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-2553
Vulnerability from fkie_nvd - Published: 2007-05-09 17:19 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in dop in HP Tru64 UNIX 5.1B-4, 5.1B-3, and 5.1A PK6 allows local users to gain privileges via a large amount of data in the environment, as demonstrated by a long environment variable.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:tru64:5.1a:pk6:*:*:*:*:*:*",
"matchCriteriaId": "BA274FCB-748E-4EEB-9C77-DD5DF1ABB303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:5.1b3:*:*:*:*:*:*:*",
"matchCriteriaId": "E02E8BEA-D9EC-4375-917F-BAF20CA79FD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:5.1b4:*:*:*:*:*:*:*",
"matchCriteriaId": "AE9742A9-4703-42E9-A1FD-B831087DC955",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in dop in HP Tru64 UNIX 5.1B-4, 5.1B-3, and 5.1A PK6 allows local users to gain privileges via a large amount of data in the environment, as demonstrated by a long environment variable."
},
{
"lang": "es",
"value": "Una vulnerabilidad no especificada en dop en HP Tru64 UNIX versiones 5.1B-4, 5.1B-3 y 5.1A PK6 permite a los usuarios locales alcanzar privilegios por medio de una gran cantidad de datos en el entorno, como es demostrado por una variable de entorno larga."
}
],
"id": "CVE-2007-2553",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-09T17:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36203"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25197"
},
{
"source": "cve@mitre.org",
"url": "http://www.orkaan.org/tru64/orkaan_-_exp_Tru64-5.X_SSRT071326.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/468103/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/23881"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018021"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1715"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34175"
},
{
"source": "cve@mitre.org",
"url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c01036871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.orkaan.org/tru64/orkaan_-_exp_Tru64-5.X_SSRT071326.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/468103/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/23881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1715"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c01036871"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-0805
Vulnerability from fkie_nvd - Published: 2007-02-07 11:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the "auxewww" argument, a similar issue to CVE-1999-1587.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:tru64:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5840611-A108-48EE-9D5A-4B6DA0621FF4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the \"auxewww\" argument, a similar issue to CVE-1999-1587."
},
{
"lang": "es",
"value": "El comando ps (/usr/ucb/ps) en el HP Tru64 UNIX 5.1 1885 permite a usuarios locales obtener informaci\u00f3n sensible incluyendo variables de entorno de procesos de su elecci\u00f3n, mediante el argumento \"auxewww\". Similar a la vulnerabilidad CVE-1999-1587.\r\n"
}
],
"id": "CVE-2007-0805",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-02-07T11:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00817515"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052227.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/33113"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://rawlab.mindcreations.com/codes/exp/nix/osf1tru64ps.ksh"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24041"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25135"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017592"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/459266/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/459275/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/459593/100/200/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018005"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1654"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00817515"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052227.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://rawlab.mindcreations.com/codes/exp/nix/osf1tru64ps.ksh"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017592"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/459266/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/459275/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/459593/100/200/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1654"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32276"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-6418
Vulnerability from fkie_nvd - Published: 2006-12-10 11:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5.1A PK6 allows local users to gain root privileges via a long PTHREAD_CONFIG environment variable.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:tru64:4.0f:pk8:*:*:*:*:*:*",
"matchCriteriaId": "884D55C0-F5EB-484E-8886-1C6C12320BCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:4.0g:pk4:*:*:*:*:*:*",
"matchCriteriaId": "5A788DB8-B738-4498-9C0B-68FCB92086F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:5.1a:pk6:*:*:*:*:*:*",
"matchCriteriaId": "BA274FCB-748E-4EEB-9C77-DD5DF1ABB303",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5.1A PK6 allows local users to gain root privileges via a long PTHREAD_CONFIG environment variable."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en la biblioteca POSIX Threads (libpthread) sobre HP Tru64 UNIX 4.0F PK8, 4.0G PK4, y 5.1A PK6 permite a un usuario local ganar privilegios de root a trav\u00e9s de una variable de entorno PTHREAD_CONFIG larga."
}
],
"id": "CVE-2006-6418",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-10T11:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22743"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017211"
},
{
"source": "cve@mitre.org",
"url": "http://www.netragard.com/pdfs/research/HP-TRU64-LIBPTHREAD-20060811.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/21035"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/4483"
},
{
"source": "cve@mitre.org",
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00800193"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22743"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017211"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.netragard.com/pdfs/research/HP-TRU64-LIBPTHREAD-20060811.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/21035"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/4483"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00800193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30178"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-5452
Vulnerability from fkie_nvd - Published: 2006-10-23 17:07 - Updated: 2025-04-09 00:30
Severity ?
Summary
Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F038B325-A982-43FB-9146-E103CCFB5C41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD0DC0A-ACAD-4870-9C0F-3095F2AC8CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:ia64_64-bit:*:*:*:*:*",
"matchCriteriaId": "D73D159B-C3D8-4BBD-8BAA-E9E8D3AD3A04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:4.0f:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8BA552-394A-4E06-8CAD-24A2F542FD91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:4.0f:pk8:*:*:*:*:*:*",
"matchCriteriaId": "884D55C0-F5EB-484E-8886-1C6C12320BCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:4.0g:*:*:*:*:*:*:*",
"matchCriteriaId": "E43FAAEF-B0DD-466F-A74E-43CBA4CCF7E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:4.0g:pk4:*:*:*:*:*:*",
"matchCriteriaId": "5A788DB8-B738-4498-9C0B-68FCB92086F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:5.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F90BA0-45D4-4089-BFBC-69FD1DB10C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5840611-A108-48EE-9D5A-4B6DA0621FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:5.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "684BEA17-3BFC-4C30-9E8A-411D9D057354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:5.1a:pk6:*:*:*:*:*:*",
"matchCriteriaId": "BA274FCB-748E-4EEB-9C77-DD5DF1ABB303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:5.1af:*:*:*:*:*:*:*",
"matchCriteriaId": "1839F0EE-84D7-4055-A044-5AB5E350225E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:5.1b:pk1:*:*:*:*:*:*",
"matchCriteriaId": "7ABA8226-9F76-4D11-9C5E-7563B7774952",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:5.1b2:pk4:*:*:*:*:*:*",
"matchCriteriaId": "91D70045-53B0-477E-BEA2-6B04808785DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:5.1b3:*:*:*:*:*:*:*",
"matchCriteriaId": "E02E8BEA-D9EC-4375-917F-BAF20CA79FD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en dtmail en HP Tru64 UNIX 4.0F hasta 5.1B, y HP-UX B.11.00 hasta B.11.23 permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n mediante un argumento -a (o attachment) muy largo."
}
],
"id": "CVE-2006-5452",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-10-23T17:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22451"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22528"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017083"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017098"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017099"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/449321/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/20580"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4139"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4140"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29644"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22451"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22528"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/449321/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20580"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4140"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5175"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-3670
Vulnerability from fkie_nvd - Published: 2005-11-18 21:03 - Updated: 2025-04-03 01:03
Severity ?
Summary
Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in HP HP-UX B.11.00, B.11.11, and B.11.23 running IPSec, HP Jetdirect 635n IPv6/IPsec Print Server, and HP Tru64 UNIX 5.1B-3 and 5.1B-2/PK4, allow remote attackers to cause a denial of service via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the HP advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:jetdirect_635n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61CAD6AD-6E4B-4356-9CE7-BCA400ED7926",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:ia64_64-bit:*:*:*:*:*",
"matchCriteriaId": "D73D159B-C3D8-4BBD-8BAA-E9E8D3AD3A04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:5.1b1:pk4:*:*:*:*:*:*",
"matchCriteriaId": "B1EFE691-90F1-40A8-BB83-BB5D9BADA584",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:tru64:5.1b3:*:*:*:*:*:*:*",
"matchCriteriaId": "E02E8BEA-D9EC-4375-917F-BAF20CA79FD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in HP HP-UX B.11.00, B.11.11, and B.11.23 running IPSec, HP Jetdirect 635n IPv6/IPsec Print Server, and HP Tru64 UNIX 5.1B-3 and 5.1B-2/PK4, allow remote attackers to cause a denial of service via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the HP advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to."
}
],
"id": "CVE-2005-3670",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-11-18T21:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://jvn.jp/niscc/NISCC-273756/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17598"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19174"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015227"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015229"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015727"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/226364"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-6J6QS4"
},
{
"source": "cve@mitre.org",
"url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15471"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15474"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/17030"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2005/2462"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0880"
},
{
"source": "cve@mitre.org",
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?admit=-1335382922+1141762289787+28353475\u0026docId=c00602119"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://jvn.jp/niscc/NISCC-273756/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17598"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19174"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015227"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015229"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/226364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-6J6QS4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/17030"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2005/2462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0880"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?admit=-1335382922+1141762289787+28353475\u0026docId=c00602119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5642"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2008-4414 (GCVE-0-2008-4414)
Vulnerability from cvelistv5 – Published: 2008-11-07 18:00 – Updated: 2024-08-07 10:17
VLAI?
Summary
Unspecified vulnerability in the AdvFS showfile command in HP Tru64 UNIX 5.1B-3 and 5.1B-4 allows local users to gain privileges via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:17:09.762Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-3050",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3050"
},
{
"name": "1021152",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2008/Nov/1021152.html"
},
{
"name": "hptru64unix-showfile-priv-escalation(46414)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46414"
},
{
"name": "4567",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4567"
},
{
"name": "32621",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32621"
},
{
"name": "SSRT080098",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122600765224240\u0026w=2"
},
{
"name": "32160",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32160"
},
{
"name": "HPSBTU02383",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122600765224240\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the AdvFS showfile command in HP Tru64 UNIX 5.1B-3 and 5.1B-4 allows local users to gain privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-3050",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3050"
},
{
"name": "1021152",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2008/Nov/1021152.html"
},
{
"name": "hptru64unix-showfile-priv-escalation(46414)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46414"
},
{
"name": "4567",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4567"
},
{
"name": "32621",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32621"
},
{
"name": "SSRT080098",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122600765224240\u0026w=2"
},
{
"name": "32160",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32160"
},
{
"name": "HPSBTU02383",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122600765224240\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the AdvFS showfile command in HP Tru64 UNIX 5.1B-3 and 5.1B-4 allows local users to gain privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-3050",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3050"
},
{
"name": "1021152",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2008/Nov/1021152.html"
},
{
"name": "hptru64unix-showfile-priv-escalation(46414)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46414"
},
{
"name": "4567",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4567"
},
{
"name": "32621",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32621"
},
{
"name": "SSRT080098",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=122600765224240\u0026w=2"
},
{
"name": "32160",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32160"
},
{
"name": "HPSBTU02383",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=122600765224240\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4414",
"datePublished": "2008-11-07T18:00:00",
"dateReserved": "2008-10-03T00:00:00",
"dateUpdated": "2024-08-07T10:17:09.762Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6519 (GCVE-0-2007-6519)
Vulnerability from cvelistv5 – Published: 2007-12-24 20:00 – Updated: 2024-08-07 16:11
VLAI?
Summary
Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:11:06.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-4293",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4293"
},
{
"name": "1019135",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019135"
},
{
"name": "28192",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28192"
},
{
"name": "HPSBTU02300",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01310389"
},
{
"name": "26964",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26964"
},
{
"name": "hp-ffm-dos(39172)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39172"
},
{
"name": "SSRT071452",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01310389"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-4293",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4293"
},
{
"name": "1019135",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019135"
},
{
"name": "28192",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28192"
},
{
"name": "HPSBTU02300",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01310389"
},
{
"name": "26964",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26964"
},
{
"name": "hp-ffm-dos(39172)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39172"
},
{
"name": "SSRT071452",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01310389"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6519",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-4293",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4293"
},
{
"name": "1019135",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019135"
},
{
"name": "28192",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28192"
},
{
"name": "HPSBTU02300",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01310389"
},
{
"name": "26964",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26964"
},
{
"name": "hp-ffm-dos(39172)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39172"
},
{
"name": "SSRT071452",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01310389"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6519",
"datePublished": "2007-12-24T20:00:00",
"dateReserved": "2007-12-24T00:00:00",
"dateUpdated": "2024-08-07T16:11:06.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1496 (GCVE-0-2003-1496)
Vulnerability from cvelistv5 – Published: 2007-10-25 19:00 – Updated: 2024-08-08 02:28
VLAI?
Summary
Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as CVE-1999-0840.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.718Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "9990",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/9990"
},
{
"name": "8813",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8813"
},
{
"name": "tru64-dtmailpr-gain-privileges(13418)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13418"
},
{
"name": "SSRT3589",
"tags": [
"vendor-advisory",
"x_refsource_COMPAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/advisories/5973"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-10-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as CVE-1999-0840."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "9990",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/9990"
},
{
"name": "8813",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8813"
},
{
"name": "tru64-dtmailpr-gain-privileges(13418)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13418"
},
{
"name": "SSRT3589",
"tags": [
"vendor-advisory",
"x_refsource_COMPAQ"
],
"url": "http://www.securityfocus.com/advisories/5973"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1496",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as CVE-1999-0840."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9990",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/9990"
},
{
"name": "8813",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8813"
},
{
"name": "tru64-dtmailpr-gain-privileges(13418)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13418"
},
{
"name": "SSRT3589",
"refsource": "COMPAQ",
"url": "http://www.securityfocus.com/advisories/5973"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1496",
"datePublished": "2007-10-25T19:00:00",
"dateReserved": "2007-10-25T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.718Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2791 (GCVE-0-2007-2791)
Vulnerability from cvelistv5 – Published: 2007-05-22 00:00 – Updated: 2024-08-07 13:49
VLAI?
Summary
Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows remote attackers to identify valid users via unspecified vectors, probably related to timing attacks and AuthInteractiveFailureRandomTimeout.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:49:57.264Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-1851",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1851"
},
{
"name": "1018065",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018065"
},
{
"name": "24036",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24036"
},
{
"name": "hp-ssh-information-disclosure(34329)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34329"
},
{
"name": "SSRT071323",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01007552"
},
{
"name": "24021",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24021"
},
{
"name": "HPSBTU02209",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01007552"
},
{
"name": "36204",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36204"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows remote attackers to identify valid users via unspecified vectors, probably related to timing attacks and AuthInteractiveFailureRandomTimeout."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-1851",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1851"
},
{
"name": "1018065",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018065"
},
{
"name": "24036",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24036"
},
{
"name": "hp-ssh-information-disclosure(34329)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34329"
},
{
"name": "SSRT071323",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01007552"
},
{
"name": "24021",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24021"
},
{
"name": "HPSBTU02209",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01007552"
},
{
"name": "36204",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36204"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2791",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows remote attackers to identify valid users via unspecified vectors, probably related to timing attacks and AuthInteractiveFailureRandomTimeout."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1851",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1851"
},
{
"name": "1018065",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018065"
},
{
"name": "24036",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24036"
},
{
"name": "hp-ssh-information-disclosure(34329)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34329"
},
{
"name": "SSRT071323",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01007552"
},
{
"name": "24021",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24021"
},
{
"name": "HPSBTU02209",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01007552"
},
{
"name": "36204",
"refsource": "OSVDB",
"url": "http://osvdb.org/36204"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2791",
"datePublished": "2007-05-22T00:00:00",
"dateReserved": "2007-05-21T00:00:00",
"dateUpdated": "2024-08-07T13:49:57.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2553 (GCVE-0-2007-2553)
Vulnerability from cvelistv5 – Published: 2007-05-09 17:00 – Updated: 2024-08-07 13:42
VLAI?
Summary
Unspecified vulnerability in dop in HP Tru64 UNIX 5.1B-4, 5.1B-3, and 5.1A PK6 allows local users to gain privileges via a large amount of data in the environment, as demonstrated by a long environment variable.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:42:33.426Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "23881",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23881"
},
{
"name": "HPSBTU02211",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c01036871"
},
{
"name": "25197",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25197"
},
{
"name": "20070509 Re: [security bulletin] HPSBTU02211 SSRT071326 rev.1 - HP Tru64 UNIX Running the dop command, Local Execution of Arbitrary Code with Privilege Elevation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/468103/100/0/threaded"
},
{
"name": "ADV-2007-1715",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1715"
},
{
"name": "hp-dop-privilege-escalation(34175)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34175"
},
{
"name": "SSRT071326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c01036871"
},
{
"name": "1018021",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018021"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.orkaan.org/tru64/orkaan_-_exp_Tru64-5.X_SSRT071326.html"
},
{
"name": "36203",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36203"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in dop in HP Tru64 UNIX 5.1B-4, 5.1B-3, and 5.1A PK6 allows local users to gain privileges via a large amount of data in the environment, as demonstrated by a long environment variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "23881",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23881"
},
{
"name": "HPSBTU02211",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c01036871"
},
{
"name": "25197",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25197"
},
{
"name": "20070509 Re: [security bulletin] HPSBTU02211 SSRT071326 rev.1 - HP Tru64 UNIX Running the dop command, Local Execution of Arbitrary Code with Privilege Elevation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/468103/100/0/threaded"
},
{
"name": "ADV-2007-1715",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1715"
},
{
"name": "hp-dop-privilege-escalation(34175)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34175"
},
{
"name": "SSRT071326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c01036871"
},
{
"name": "1018021",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018021"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.orkaan.org/tru64/orkaan_-_exp_Tru64-5.X_SSRT071326.html"
},
{
"name": "36203",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36203"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2553",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in dop in HP Tru64 UNIX 5.1B-4, 5.1B-3, and 5.1A PK6 allows local users to gain privileges via a large amount of data in the environment, as demonstrated by a long environment variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "23881",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23881"
},
{
"name": "HPSBTU02211",
"refsource": "HP",
"url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c01036871"
},
{
"name": "25197",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25197"
},
{
"name": "20070509 Re: [security bulletin] HPSBTU02211 SSRT071326 rev.1 - HP Tru64 UNIX Running the dop command, Local Execution of Arbitrary Code with Privilege Elevation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/468103/100/0/threaded"
},
{
"name": "ADV-2007-1715",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1715"
},
{
"name": "hp-dop-privilege-escalation(34175)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34175"
},
{
"name": "SSRT071326",
"refsource": "HP",
"url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c01036871"
},
{
"name": "1018021",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018021"
},
{
"name": "http://www.orkaan.org/tru64/orkaan_-_exp_Tru64-5.X_SSRT071326.html",
"refsource": "MISC",
"url": "http://www.orkaan.org/tru64/orkaan_-_exp_Tru64-5.X_SSRT071326.html"
},
{
"name": "36203",
"refsource": "OSVDB",
"url": "http://osvdb.org/36203"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2553",
"datePublished": "2007-05-09T17:00:00",
"dateReserved": "2007-05-09T00:00:00",
"dateUpdated": "2024-08-07T13:42:33.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2678 (GCVE-0-2004-2678)
Vulnerability from cvelistv5 – Published: 2007-02-27 02:00 – Updated: 2024-08-08 01:36
VLAI?
Summary
Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and PK3(BL24), and 5.1A PK6(BL24), when using IPsec/IKE (Internet Key Exchange) with Certificates, allows remote attackers to gain privileges via unknown attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:25.114Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBTU00030",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/tru64/2004-q1/0004.html"
},
{
"name": "1009329",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1009329"
},
{
"name": "9803",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9803"
},
{
"name": "tru64-ipsec-ike-gain-access(15397)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15397"
},
{
"name": "SSRT3674",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/tru64/2004-q1/0004.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-03-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and PK3(BL24), and 5.1A PK6(BL24), when using IPsec/IKE (Internet Key Exchange) with Certificates, allows remote attackers to gain privileges via unknown attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBTU00030",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://archives.neohapsis.com/archives/tru64/2004-q1/0004.html"
},
{
"name": "1009329",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1009329"
},
{
"name": "9803",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9803"
},
{
"name": "tru64-ipsec-ike-gain-access(15397)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15397"
},
{
"name": "SSRT3674",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://archives.neohapsis.com/archives/tru64/2004-q1/0004.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2678",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and PK3(BL24), and 5.1A PK6(BL24), when using IPsec/IKE (Internet Key Exchange) with Certificates, allows remote attackers to gain privileges via unknown attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBTU00030",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/tru64/2004-q1/0004.html"
},
{
"name": "1009329",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1009329"
},
{
"name": "9803",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9803"
},
{
"name": "tru64-ipsec-ike-gain-access(15397)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15397"
},
{
"name": "SSRT3674",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/tru64/2004-q1/0004.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2678",
"datePublished": "2007-02-27T02:00:00",
"dateReserved": "2007-02-26T00:00:00",
"dateUpdated": "2024-08-08T01:36:25.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0805 (GCVE-0-2007-0805)
Vulnerability from cvelistv5 – Published: 2007-02-07 11:00 – Updated: 2024-08-07 12:34
VLAI?
Summary
The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the "auxewww" argument, a similar issue to CVE-1999-1587.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:20.479Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017592",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017592"
},
{
"name": "HPSBTU02179",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00817515"
},
{
"name": "20070206 Re: [Full-disclosure] PS Information Leak on HP Tru64 Alpha OSF1v5.1 1885",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/459266/100/0/threaded"
},
{
"name": "1018005",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018005"
},
{
"name": "24041",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24041"
},
{
"name": "25135",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25135"
},
{
"name": "SSRT061256",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00817515"
},
{
"name": "20070206 PS Information Leak on HP True64 Alpha OSF1 v5.1 1885",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/459275/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://rawlab.mindcreations.com/codes/exp/nix/osf1tru64ps.ksh"
},
{
"name": "tru64-ps-information-disclosure(32276)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32276"
},
{
"name": "ADV-2007-1654",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1654"
},
{
"name": "33113",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33113"
},
{
"name": "20070207 Re: PS Information Leak on HP True64 Alpha OSF1 v5.1 1885",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/459593/100/200/threaded"
},
{
"name": "20070206 PS Information Leak on HP True64 Alpha OSF1 v5.1 1885",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052227.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the \"auxewww\" argument, a similar issue to CVE-1999-1587."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017592",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017592"
},
{
"name": "HPSBTU02179",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00817515"
},
{
"name": "20070206 Re: [Full-disclosure] PS Information Leak on HP Tru64 Alpha OSF1v5.1 1885",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/459266/100/0/threaded"
},
{
"name": "1018005",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018005"
},
{
"name": "24041",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24041"
},
{
"name": "25135",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25135"
},
{
"name": "SSRT061256",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00817515"
},
{
"name": "20070206 PS Information Leak on HP True64 Alpha OSF1 v5.1 1885",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/459275/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://rawlab.mindcreations.com/codes/exp/nix/osf1tru64ps.ksh"
},
{
"name": "tru64-ps-information-disclosure(32276)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32276"
},
{
"name": "ADV-2007-1654",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1654"
},
{
"name": "33113",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33113"
},
{
"name": "20070207 Re: PS Information Leak on HP True64 Alpha OSF1 v5.1 1885",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/459593/100/200/threaded"
},
{
"name": "20070206 PS Information Leak on HP True64 Alpha OSF1 v5.1 1885",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052227.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0805",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the \"auxewww\" argument, a similar issue to CVE-1999-1587."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017592",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017592"
},
{
"name": "HPSBTU02179",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00817515"
},
{
"name": "20070206 Re: [Full-disclosure] PS Information Leak on HP Tru64 Alpha OSF1v5.1 1885",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459266/100/0/threaded"
},
{
"name": "1018005",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018005"
},
{
"name": "24041",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24041"
},
{
"name": "25135",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25135"
},
{
"name": "SSRT061256",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00817515"
},
{
"name": "20070206 PS Information Leak on HP True64 Alpha OSF1 v5.1 1885",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459275/100/0/threaded"
},
{
"name": "http://rawlab.mindcreations.com/codes/exp/nix/osf1tru64ps.ksh",
"refsource": "MISC",
"url": "http://rawlab.mindcreations.com/codes/exp/nix/osf1tru64ps.ksh"
},
{
"name": "tru64-ps-information-disclosure(32276)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32276"
},
{
"name": "ADV-2007-1654",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1654"
},
{
"name": "33113",
"refsource": "OSVDB",
"url": "http://osvdb.org/33113"
},
{
"name": "20070207 Re: PS Information Leak on HP True64 Alpha OSF1 v5.1 1885",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459593/100/200/threaded"
},
{
"name": "20070206 PS Information Leak on HP True64 Alpha OSF1 v5.1 1885",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052227.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0805",
"datePublished": "2007-02-07T11:00:00",
"dateReserved": "2007-02-07T00:00:00",
"dateUpdated": "2024-08-07T12:34:20.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6418 (GCVE-0-2006-6418)
Vulnerability from cvelistv5 – Published: 2006-12-10 11:00 – Updated: 2024-08-07 20:26
VLAI?
Summary
Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5.1A PK6 allows local users to gain root privileges via a long PTHREAD_CONFIG environment variable.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.153Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT061222",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00800193"
},
{
"name": "HPSBTU02171",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00800193"
},
{
"name": "ADV-2006-4483",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4483"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.netragard.com/pdfs/research/HP-TRU64-LIBPTHREAD-20060811.txt"
},
{
"name": "1017211",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017211"
},
{
"name": "22743",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22743"
},
{
"name": "hptru64-libpthread-bo(30178)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30178"
},
{
"name": "21035",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21035"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5.1A PK6 allows local users to gain root privileges via a long PTHREAD_CONFIG environment variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SSRT061222",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00800193"
},
{
"name": "HPSBTU02171",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00800193"
},
{
"name": "ADV-2006-4483",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4483"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.netragard.com/pdfs/research/HP-TRU64-LIBPTHREAD-20060811.txt"
},
{
"name": "1017211",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017211"
},
{
"name": "22743",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22743"
},
{
"name": "hptru64-libpthread-bo(30178)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30178"
},
{
"name": "21035",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21035"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6418",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5.1A PK6 allows local users to gain root privileges via a long PTHREAD_CONFIG environment variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT061222",
"refsource": "HP",
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00800193"
},
{
"name": "HPSBTU02171",
"refsource": "HP",
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00800193"
},
{
"name": "ADV-2006-4483",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4483"
},
{
"name": "http://www.netragard.com/pdfs/research/HP-TRU64-LIBPTHREAD-20060811.txt",
"refsource": "MISC",
"url": "http://www.netragard.com/pdfs/research/HP-TRU64-LIBPTHREAD-20060811.txt"
},
{
"name": "1017211",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017211"
},
{
"name": "22743",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22743"
},
{
"name": "hptru64-libpthread-bo(30178)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30178"
},
{
"name": "21035",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21035"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6418",
"datePublished": "2006-12-10T11:00:00",
"dateReserved": "2006-12-09T00:00:00",
"dateUpdated": "2024-08-07T20:26:46.153Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5452 (GCVE-0-2006-5452)
Vulnerability from cvelistv5 – Published: 2006-10-23 17:00 – Updated: 2024-08-07 19:48
VLAI?
Summary
Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:48:30.225Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:5175",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5175"
},
{
"name": "HPSBUX02162",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091"
},
{
"name": "1017083",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017083"
},
{
"name": "20580",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20580"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txt"
},
{
"name": "1017098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017098"
},
{
"name": "1017099",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017099"
},
{
"name": "22528",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22528"
},
{
"name": "ADV-2006-4140",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4140"
},
{
"name": "22451",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22451"
},
{
"name": "ADV-2006-4139",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4139"
},
{
"name": "SSRT061223",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091"
},
{
"name": "dtmail-tru64-bo(29644)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29644"
},
{
"name": "HPSBTU02163",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/449321/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:5175",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5175"
},
{
"name": "HPSBUX02162",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091"
},
{
"name": "1017083",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017083"
},
{
"name": "20580",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20580"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txt"
},
{
"name": "1017098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017098"
},
{
"name": "1017099",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017099"
},
{
"name": "22528",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22528"
},
{
"name": "ADV-2006-4140",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4140"
},
{
"name": "22451",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22451"
},
{
"name": "ADV-2006-4139",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4139"
},
{
"name": "SSRT061223",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091"
},
{
"name": "dtmail-tru64-bo(29644)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29644"
},
{
"name": "HPSBTU02163",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/449321/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5452",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:5175",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5175"
},
{
"name": "HPSBUX02162",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091"
},
{
"name": "1017083",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017083"
},
{
"name": "20580",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20580"
},
{
"name": "http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txt",
"refsource": "MISC",
"url": "http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txt"
},
{
"name": "1017098",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017098"
},
{
"name": "1017099",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017099"
},
{
"name": "22528",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22528"
},
{
"name": "ADV-2006-4140",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4140"
},
{
"name": "22451",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22451"
},
{
"name": "ADV-2006-4139",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4139"
},
{
"name": "SSRT061223",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091"
},
{
"name": "dtmail-tru64-bo(29644)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29644"
},
{
"name": "HPSBTU02163",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/449321/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5452",
"datePublished": "2006-10-23T17:00:00",
"dateReserved": "2006-10-23T00:00:00",
"dateUpdated": "2024-08-07T19:48:30.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3670 (GCVE-0-2005-3670)
Vulnerability from cvelistv5 – Published: 2005-11-18 21:00 – Updated: 2024-08-07 23:17
VLAI?
Summary
Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in HP HP-UX B.11.00, B.11.11, and B.11.23 running IPSec, HP Jetdirect 635n IPv6/IPsec Print Server, and HP Tru64 UNIX 5.1B-3 and 5.1B-2/PK4, allow remote attackers to cause a denial of service via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the HP advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.306Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1015227",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015227"
},
{
"name": "HPSBPI02078",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-6J6QS4"
},
{
"name": "1015229",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015229"
},
{
"name": "ADV-2006-0880",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0880"
},
{
"name": "SSRT050979",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?admit=-1335382922+1141762289787+28353475\u0026docId=c00602119"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
},
{
"name": "15471",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15471"
},
{
"name": "ADV-2005-2462",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2462"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jvn.jp/niscc/NISCC-273756/index.html"
},
{
"name": "1015727",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015727"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
},
{
"name": "17030",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17030"
},
{
"name": "15474",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15474"
},
{
"name": "VU#226364",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/226364"
},
{
"name": "HPSBTU02100",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?admit=-1335382922+1141762289787+28353475\u0026docId=c00602119"
},
{
"name": "SSRT5979",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-6J6QS4"
},
{
"name": "19174",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19174"
},
{
"name": "oval:org.mitre.oval:def:5642",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5642"
},
{
"name": "17598",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17598"
},
{
"name": "HPSBUX02076",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-6J6QS4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in HP HP-UX B.11.00, B.11.11, and B.11.23 running IPSec, HP Jetdirect 635n IPv6/IPsec Print Server, and HP Tru64 UNIX 5.1B-3 and 5.1B-2/PK4, allow remote attackers to cause a denial of service via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the HP advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1015227",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015227"
},
{
"name": "HPSBPI02078",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-6J6QS4"
},
{
"name": "1015229",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015229"
},
{
"name": "ADV-2006-0880",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0880"
},
{
"name": "SSRT050979",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?admit=-1335382922+1141762289787+28353475\u0026docId=c00602119"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
},
{
"name": "15471",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15471"
},
{
"name": "ADV-2005-2462",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2462"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jvn.jp/niscc/NISCC-273756/index.html"
},
{
"name": "1015727",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015727"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
},
{
"name": "17030",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17030"
},
{
"name": "15474",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15474"
},
{
"name": "VU#226364",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/226364"
},
{
"name": "HPSBTU02100",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?admit=-1335382922+1141762289787+28353475\u0026docId=c00602119"
},
{
"name": "SSRT5979",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-6J6QS4"
},
{
"name": "19174",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19174"
},
{
"name": "oval:org.mitre.oval:def:5642",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5642"
},
{
"name": "17598",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17598"
},
{
"name": "HPSBUX02076",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-6J6QS4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3670",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in HP HP-UX B.11.00, B.11.11, and B.11.23 running IPSec, HP Jetdirect 635n IPv6/IPsec Print Server, and HP Tru64 UNIX 5.1B-3 and 5.1B-2/PK4, allow remote attackers to cause a denial of service via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the HP advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1015227",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015227"
},
{
"name": "HPSBPI02078",
"refsource": "HP",
"url": "http://www.kb.cert.org/vuls/id/MIMG-6J6QS4"
},
{
"name": "1015229",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015229"
},
{
"name": "ADV-2006-0880",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0880"
},
{
"name": "SSRT050979",
"refsource": "HP",
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?admit=-1335382922+1141762289787+28353475\u0026docId=c00602119"
},
{
"name": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en",
"refsource": "MISC",
"url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
},
{
"name": "15471",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15471"
},
{
"name": "ADV-2005-2462",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2462"
},
{
"name": "http://jvn.jp/niscc/NISCC-273756/index.html",
"refsource": "MISC",
"url": "http://jvn.jp/niscc/NISCC-273756/index.html"
},
{
"name": "1015727",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015727"
},
{
"name": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/",
"refsource": "MISC",
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
},
{
"name": "17030",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17030"
},
{
"name": "15474",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15474"
},
{
"name": "VU#226364",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/226364"
},
{
"name": "HPSBTU02100",
"refsource": "HP",
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?admit=-1335382922+1141762289787+28353475\u0026docId=c00602119"
},
{
"name": "SSRT5979",
"refsource": "HP",
"url": "http://www.kb.cert.org/vuls/id/MIMG-6J6QS4"
},
{
"name": "19174",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19174"
},
{
"name": "oval:org.mitre.oval:def:5642",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5642"
},
{
"name": "17598",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17598"
},
{
"name": "HPSBUX02076",
"refsource": "HP",
"url": "http://www.kb.cert.org/vuls/id/MIMG-6J6QS4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3670",
"datePublished": "2005-11-18T21:00:00",
"dateReserved": "2005-11-18T00:00:00",
"dateUpdated": "2024-08-07T23:17:23.306Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4414 (GCVE-0-2008-4414)
Vulnerability from nvd – Published: 2008-11-07 18:00 – Updated: 2024-08-07 10:17
VLAI?
Summary
Unspecified vulnerability in the AdvFS showfile command in HP Tru64 UNIX 5.1B-3 and 5.1B-4 allows local users to gain privileges via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:17:09.762Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-3050",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3050"
},
{
"name": "1021152",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2008/Nov/1021152.html"
},
{
"name": "hptru64unix-showfile-priv-escalation(46414)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46414"
},
{
"name": "4567",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4567"
},
{
"name": "32621",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32621"
},
{
"name": "SSRT080098",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122600765224240\u0026w=2"
},
{
"name": "32160",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32160"
},
{
"name": "HPSBTU02383",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122600765224240\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the AdvFS showfile command in HP Tru64 UNIX 5.1B-3 and 5.1B-4 allows local users to gain privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-3050",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3050"
},
{
"name": "1021152",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2008/Nov/1021152.html"
},
{
"name": "hptru64unix-showfile-priv-escalation(46414)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46414"
},
{
"name": "4567",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4567"
},
{
"name": "32621",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32621"
},
{
"name": "SSRT080098",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122600765224240\u0026w=2"
},
{
"name": "32160",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32160"
},
{
"name": "HPSBTU02383",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122600765224240\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the AdvFS showfile command in HP Tru64 UNIX 5.1B-3 and 5.1B-4 allows local users to gain privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-3050",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3050"
},
{
"name": "1021152",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2008/Nov/1021152.html"
},
{
"name": "hptru64unix-showfile-priv-escalation(46414)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46414"
},
{
"name": "4567",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4567"
},
{
"name": "32621",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32621"
},
{
"name": "SSRT080098",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=122600765224240\u0026w=2"
},
{
"name": "32160",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32160"
},
{
"name": "HPSBTU02383",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=122600765224240\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4414",
"datePublished": "2008-11-07T18:00:00",
"dateReserved": "2008-10-03T00:00:00",
"dateUpdated": "2024-08-07T10:17:09.762Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6519 (GCVE-0-2007-6519)
Vulnerability from nvd – Published: 2007-12-24 20:00 – Updated: 2024-08-07 16:11
VLAI?
Summary
Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:11:06.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-4293",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4293"
},
{
"name": "1019135",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019135"
},
{
"name": "28192",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28192"
},
{
"name": "HPSBTU02300",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01310389"
},
{
"name": "26964",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26964"
},
{
"name": "hp-ffm-dos(39172)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39172"
},
{
"name": "SSRT071452",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01310389"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-4293",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4293"
},
{
"name": "1019135",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019135"
},
{
"name": "28192",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28192"
},
{
"name": "HPSBTU02300",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01310389"
},
{
"name": "26964",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26964"
},
{
"name": "hp-ffm-dos(39172)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39172"
},
{
"name": "SSRT071452",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01310389"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6519",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-4293",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4293"
},
{
"name": "1019135",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019135"
},
{
"name": "28192",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28192"
},
{
"name": "HPSBTU02300",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01310389"
},
{
"name": "26964",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26964"
},
{
"name": "hp-ffm-dos(39172)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39172"
},
{
"name": "SSRT071452",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01310389"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6519",
"datePublished": "2007-12-24T20:00:00",
"dateReserved": "2007-12-24T00:00:00",
"dateUpdated": "2024-08-07T16:11:06.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1496 (GCVE-0-2003-1496)
Vulnerability from nvd – Published: 2007-10-25 19:00 – Updated: 2024-08-08 02:28
VLAI?
Summary
Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as CVE-1999-0840.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.718Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "9990",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/9990"
},
{
"name": "8813",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8813"
},
{
"name": "tru64-dtmailpr-gain-privileges(13418)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13418"
},
{
"name": "SSRT3589",
"tags": [
"vendor-advisory",
"x_refsource_COMPAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/advisories/5973"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-10-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as CVE-1999-0840."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "9990",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/9990"
},
{
"name": "8813",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8813"
},
{
"name": "tru64-dtmailpr-gain-privileges(13418)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13418"
},
{
"name": "SSRT3589",
"tags": [
"vendor-advisory",
"x_refsource_COMPAQ"
],
"url": "http://www.securityfocus.com/advisories/5973"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1496",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as CVE-1999-0840."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9990",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/9990"
},
{
"name": "8813",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8813"
},
{
"name": "tru64-dtmailpr-gain-privileges(13418)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13418"
},
{
"name": "SSRT3589",
"refsource": "COMPAQ",
"url": "http://www.securityfocus.com/advisories/5973"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1496",
"datePublished": "2007-10-25T19:00:00",
"dateReserved": "2007-10-25T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.718Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2791 (GCVE-0-2007-2791)
Vulnerability from nvd – Published: 2007-05-22 00:00 – Updated: 2024-08-07 13:49
VLAI?
Summary
Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows remote attackers to identify valid users via unspecified vectors, probably related to timing attacks and AuthInteractiveFailureRandomTimeout.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:49:57.264Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-1851",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1851"
},
{
"name": "1018065",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018065"
},
{
"name": "24036",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24036"
},
{
"name": "hp-ssh-information-disclosure(34329)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34329"
},
{
"name": "SSRT071323",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01007552"
},
{
"name": "24021",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24021"
},
{
"name": "HPSBTU02209",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01007552"
},
{
"name": "36204",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36204"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows remote attackers to identify valid users via unspecified vectors, probably related to timing attacks and AuthInteractiveFailureRandomTimeout."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-1851",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1851"
},
{
"name": "1018065",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018065"
},
{
"name": "24036",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24036"
},
{
"name": "hp-ssh-information-disclosure(34329)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34329"
},
{
"name": "SSRT071323",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01007552"
},
{
"name": "24021",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24021"
},
{
"name": "HPSBTU02209",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01007552"
},
{
"name": "36204",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36204"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2791",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows remote attackers to identify valid users via unspecified vectors, probably related to timing attacks and AuthInteractiveFailureRandomTimeout."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1851",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1851"
},
{
"name": "1018065",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018065"
},
{
"name": "24036",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24036"
},
{
"name": "hp-ssh-information-disclosure(34329)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34329"
},
{
"name": "SSRT071323",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01007552"
},
{
"name": "24021",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24021"
},
{
"name": "HPSBTU02209",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01007552"
},
{
"name": "36204",
"refsource": "OSVDB",
"url": "http://osvdb.org/36204"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2791",
"datePublished": "2007-05-22T00:00:00",
"dateReserved": "2007-05-21T00:00:00",
"dateUpdated": "2024-08-07T13:49:57.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2553 (GCVE-0-2007-2553)
Vulnerability from nvd – Published: 2007-05-09 17:00 – Updated: 2024-08-07 13:42
VLAI?
Summary
Unspecified vulnerability in dop in HP Tru64 UNIX 5.1B-4, 5.1B-3, and 5.1A PK6 allows local users to gain privileges via a large amount of data in the environment, as demonstrated by a long environment variable.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:42:33.426Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "23881",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23881"
},
{
"name": "HPSBTU02211",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c01036871"
},
{
"name": "25197",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25197"
},
{
"name": "20070509 Re: [security bulletin] HPSBTU02211 SSRT071326 rev.1 - HP Tru64 UNIX Running the dop command, Local Execution of Arbitrary Code with Privilege Elevation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/468103/100/0/threaded"
},
{
"name": "ADV-2007-1715",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1715"
},
{
"name": "hp-dop-privilege-escalation(34175)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34175"
},
{
"name": "SSRT071326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c01036871"
},
{
"name": "1018021",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018021"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.orkaan.org/tru64/orkaan_-_exp_Tru64-5.X_SSRT071326.html"
},
{
"name": "36203",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36203"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in dop in HP Tru64 UNIX 5.1B-4, 5.1B-3, and 5.1A PK6 allows local users to gain privileges via a large amount of data in the environment, as demonstrated by a long environment variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "23881",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23881"
},
{
"name": "HPSBTU02211",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c01036871"
},
{
"name": "25197",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25197"
},
{
"name": "20070509 Re: [security bulletin] HPSBTU02211 SSRT071326 rev.1 - HP Tru64 UNIX Running the dop command, Local Execution of Arbitrary Code with Privilege Elevation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/468103/100/0/threaded"
},
{
"name": "ADV-2007-1715",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1715"
},
{
"name": "hp-dop-privilege-escalation(34175)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34175"
},
{
"name": "SSRT071326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c01036871"
},
{
"name": "1018021",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018021"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.orkaan.org/tru64/orkaan_-_exp_Tru64-5.X_SSRT071326.html"
},
{
"name": "36203",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36203"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2553",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in dop in HP Tru64 UNIX 5.1B-4, 5.1B-3, and 5.1A PK6 allows local users to gain privileges via a large amount of data in the environment, as demonstrated by a long environment variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "23881",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23881"
},
{
"name": "HPSBTU02211",
"refsource": "HP",
"url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c01036871"
},
{
"name": "25197",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25197"
},
{
"name": "20070509 Re: [security bulletin] HPSBTU02211 SSRT071326 rev.1 - HP Tru64 UNIX Running the dop command, Local Execution of Arbitrary Code with Privilege Elevation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/468103/100/0/threaded"
},
{
"name": "ADV-2007-1715",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1715"
},
{
"name": "hp-dop-privilege-escalation(34175)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34175"
},
{
"name": "SSRT071326",
"refsource": "HP",
"url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c01036871"
},
{
"name": "1018021",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018021"
},
{
"name": "http://www.orkaan.org/tru64/orkaan_-_exp_Tru64-5.X_SSRT071326.html",
"refsource": "MISC",
"url": "http://www.orkaan.org/tru64/orkaan_-_exp_Tru64-5.X_SSRT071326.html"
},
{
"name": "36203",
"refsource": "OSVDB",
"url": "http://osvdb.org/36203"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2553",
"datePublished": "2007-05-09T17:00:00",
"dateReserved": "2007-05-09T00:00:00",
"dateUpdated": "2024-08-07T13:42:33.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2678 (GCVE-0-2004-2678)
Vulnerability from nvd – Published: 2007-02-27 02:00 – Updated: 2024-08-08 01:36
VLAI?
Summary
Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and PK3(BL24), and 5.1A PK6(BL24), when using IPsec/IKE (Internet Key Exchange) with Certificates, allows remote attackers to gain privileges via unknown attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:25.114Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBTU00030",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/tru64/2004-q1/0004.html"
},
{
"name": "1009329",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1009329"
},
{
"name": "9803",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9803"
},
{
"name": "tru64-ipsec-ike-gain-access(15397)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15397"
},
{
"name": "SSRT3674",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/tru64/2004-q1/0004.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-03-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and PK3(BL24), and 5.1A PK6(BL24), when using IPsec/IKE (Internet Key Exchange) with Certificates, allows remote attackers to gain privileges via unknown attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBTU00030",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://archives.neohapsis.com/archives/tru64/2004-q1/0004.html"
},
{
"name": "1009329",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1009329"
},
{
"name": "9803",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9803"
},
{
"name": "tru64-ipsec-ike-gain-access(15397)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15397"
},
{
"name": "SSRT3674",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://archives.neohapsis.com/archives/tru64/2004-q1/0004.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2678",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and PK3(BL24), and 5.1A PK6(BL24), when using IPsec/IKE (Internet Key Exchange) with Certificates, allows remote attackers to gain privileges via unknown attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBTU00030",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/tru64/2004-q1/0004.html"
},
{
"name": "1009329",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1009329"
},
{
"name": "9803",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9803"
},
{
"name": "tru64-ipsec-ike-gain-access(15397)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15397"
},
{
"name": "SSRT3674",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/tru64/2004-q1/0004.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2678",
"datePublished": "2007-02-27T02:00:00",
"dateReserved": "2007-02-26T00:00:00",
"dateUpdated": "2024-08-08T01:36:25.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0805 (GCVE-0-2007-0805)
Vulnerability from nvd – Published: 2007-02-07 11:00 – Updated: 2024-08-07 12:34
VLAI?
Summary
The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the "auxewww" argument, a similar issue to CVE-1999-1587.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:20.479Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017592",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017592"
},
{
"name": "HPSBTU02179",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00817515"
},
{
"name": "20070206 Re: [Full-disclosure] PS Information Leak on HP Tru64 Alpha OSF1v5.1 1885",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/459266/100/0/threaded"
},
{
"name": "1018005",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018005"
},
{
"name": "24041",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24041"
},
{
"name": "25135",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25135"
},
{
"name": "SSRT061256",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00817515"
},
{
"name": "20070206 PS Information Leak on HP True64 Alpha OSF1 v5.1 1885",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/459275/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://rawlab.mindcreations.com/codes/exp/nix/osf1tru64ps.ksh"
},
{
"name": "tru64-ps-information-disclosure(32276)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32276"
},
{
"name": "ADV-2007-1654",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1654"
},
{
"name": "33113",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33113"
},
{
"name": "20070207 Re: PS Information Leak on HP True64 Alpha OSF1 v5.1 1885",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/459593/100/200/threaded"
},
{
"name": "20070206 PS Information Leak on HP True64 Alpha OSF1 v5.1 1885",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052227.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the \"auxewww\" argument, a similar issue to CVE-1999-1587."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017592",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017592"
},
{
"name": "HPSBTU02179",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00817515"
},
{
"name": "20070206 Re: [Full-disclosure] PS Information Leak on HP Tru64 Alpha OSF1v5.1 1885",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/459266/100/0/threaded"
},
{
"name": "1018005",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018005"
},
{
"name": "24041",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24041"
},
{
"name": "25135",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25135"
},
{
"name": "SSRT061256",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00817515"
},
{
"name": "20070206 PS Information Leak on HP True64 Alpha OSF1 v5.1 1885",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/459275/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://rawlab.mindcreations.com/codes/exp/nix/osf1tru64ps.ksh"
},
{
"name": "tru64-ps-information-disclosure(32276)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32276"
},
{
"name": "ADV-2007-1654",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1654"
},
{
"name": "33113",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33113"
},
{
"name": "20070207 Re: PS Information Leak on HP True64 Alpha OSF1 v5.1 1885",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/459593/100/200/threaded"
},
{
"name": "20070206 PS Information Leak on HP True64 Alpha OSF1 v5.1 1885",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052227.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0805",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the \"auxewww\" argument, a similar issue to CVE-1999-1587."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017592",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017592"
},
{
"name": "HPSBTU02179",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00817515"
},
{
"name": "20070206 Re: [Full-disclosure] PS Information Leak on HP Tru64 Alpha OSF1v5.1 1885",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459266/100/0/threaded"
},
{
"name": "1018005",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018005"
},
{
"name": "24041",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24041"
},
{
"name": "25135",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25135"
},
{
"name": "SSRT061256",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00817515"
},
{
"name": "20070206 PS Information Leak on HP True64 Alpha OSF1 v5.1 1885",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459275/100/0/threaded"
},
{
"name": "http://rawlab.mindcreations.com/codes/exp/nix/osf1tru64ps.ksh",
"refsource": "MISC",
"url": "http://rawlab.mindcreations.com/codes/exp/nix/osf1tru64ps.ksh"
},
{
"name": "tru64-ps-information-disclosure(32276)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32276"
},
{
"name": "ADV-2007-1654",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1654"
},
{
"name": "33113",
"refsource": "OSVDB",
"url": "http://osvdb.org/33113"
},
{
"name": "20070207 Re: PS Information Leak on HP True64 Alpha OSF1 v5.1 1885",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459593/100/200/threaded"
},
{
"name": "20070206 PS Information Leak on HP True64 Alpha OSF1 v5.1 1885",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052227.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0805",
"datePublished": "2007-02-07T11:00:00",
"dateReserved": "2007-02-07T00:00:00",
"dateUpdated": "2024-08-07T12:34:20.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6418 (GCVE-0-2006-6418)
Vulnerability from nvd – Published: 2006-12-10 11:00 – Updated: 2024-08-07 20:26
VLAI?
Summary
Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5.1A PK6 allows local users to gain root privileges via a long PTHREAD_CONFIG environment variable.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.153Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT061222",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00800193"
},
{
"name": "HPSBTU02171",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00800193"
},
{
"name": "ADV-2006-4483",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4483"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.netragard.com/pdfs/research/HP-TRU64-LIBPTHREAD-20060811.txt"
},
{
"name": "1017211",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017211"
},
{
"name": "22743",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22743"
},
{
"name": "hptru64-libpthread-bo(30178)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30178"
},
{
"name": "21035",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21035"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5.1A PK6 allows local users to gain root privileges via a long PTHREAD_CONFIG environment variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SSRT061222",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00800193"
},
{
"name": "HPSBTU02171",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00800193"
},
{
"name": "ADV-2006-4483",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4483"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.netragard.com/pdfs/research/HP-TRU64-LIBPTHREAD-20060811.txt"
},
{
"name": "1017211",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017211"
},
{
"name": "22743",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22743"
},
{
"name": "hptru64-libpthread-bo(30178)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30178"
},
{
"name": "21035",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21035"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6418",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5.1A PK6 allows local users to gain root privileges via a long PTHREAD_CONFIG environment variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT061222",
"refsource": "HP",
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00800193"
},
{
"name": "HPSBTU02171",
"refsource": "HP",
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00800193"
},
{
"name": "ADV-2006-4483",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4483"
},
{
"name": "http://www.netragard.com/pdfs/research/HP-TRU64-LIBPTHREAD-20060811.txt",
"refsource": "MISC",
"url": "http://www.netragard.com/pdfs/research/HP-TRU64-LIBPTHREAD-20060811.txt"
},
{
"name": "1017211",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017211"
},
{
"name": "22743",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22743"
},
{
"name": "hptru64-libpthread-bo(30178)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30178"
},
{
"name": "21035",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21035"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6418",
"datePublished": "2006-12-10T11:00:00",
"dateReserved": "2006-12-09T00:00:00",
"dateUpdated": "2024-08-07T20:26:46.153Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5452 (GCVE-0-2006-5452)
Vulnerability from nvd – Published: 2006-10-23 17:00 – Updated: 2024-08-07 19:48
VLAI?
Summary
Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:48:30.225Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:5175",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5175"
},
{
"name": "HPSBUX02162",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091"
},
{
"name": "1017083",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017083"
},
{
"name": "20580",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20580"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txt"
},
{
"name": "1017098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017098"
},
{
"name": "1017099",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017099"
},
{
"name": "22528",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22528"
},
{
"name": "ADV-2006-4140",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4140"
},
{
"name": "22451",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22451"
},
{
"name": "ADV-2006-4139",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4139"
},
{
"name": "SSRT061223",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091"
},
{
"name": "dtmail-tru64-bo(29644)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29644"
},
{
"name": "HPSBTU02163",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/449321/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:5175",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5175"
},
{
"name": "HPSBUX02162",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091"
},
{
"name": "1017083",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017083"
},
{
"name": "20580",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20580"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txt"
},
{
"name": "1017098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017098"
},
{
"name": "1017099",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017099"
},
{
"name": "22528",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22528"
},
{
"name": "ADV-2006-4140",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4140"
},
{
"name": "22451",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22451"
},
{
"name": "ADV-2006-4139",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4139"
},
{
"name": "SSRT061223",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091"
},
{
"name": "dtmail-tru64-bo(29644)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29644"
},
{
"name": "HPSBTU02163",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/449321/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5452",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:5175",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5175"
},
{
"name": "HPSBUX02162",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091"
},
{
"name": "1017083",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017083"
},
{
"name": "20580",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20580"
},
{
"name": "http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txt",
"refsource": "MISC",
"url": "http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txt"
},
{
"name": "1017098",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017098"
},
{
"name": "1017099",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017099"
},
{
"name": "22528",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22528"
},
{
"name": "ADV-2006-4140",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4140"
},
{
"name": "22451",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22451"
},
{
"name": "ADV-2006-4139",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4139"
},
{
"name": "SSRT061223",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091"
},
{
"name": "dtmail-tru64-bo(29644)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29644"
},
{
"name": "HPSBTU02163",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/449321/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5452",
"datePublished": "2006-10-23T17:00:00",
"dateReserved": "2006-10-23T00:00:00",
"dateUpdated": "2024-08-07T19:48:30.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}