All the vulnerabilites related to hp - vvos
cve-2001-1264
Vulnerability from cvelistv5
Published
2002-05-03 04:00
Modified
2024-08-08 04:51
Severity ?
EPSS score ?
Summary
Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating System (VVOS) 4.0 and 4.5 allows attackers to elevate privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/advisories/3459 | vendor-advisory, x_refsource_HP | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/6867 | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/420475 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.securityfocus.com/bid/3072 | vdb-entry, x_refsource_BID | |
| http://ciac.llnl.gov/ciac/bulletins/l-119.shtml | third-party-advisory, government-resource, x_refsource_CIAC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:51:07.116Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBUX0107-161",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/advisories/3459"
},
{
"name": "hp-virtualvault-mkacct-privilege-elevation(6867)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6867"
},
{
"name": "VU#420475",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/420475"
},
{
"name": "3072",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3072"
},
{
"name": "L-119",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://ciac.llnl.gov/ciac/bulletins/l-119.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-07-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating System (VVOS) 4.0 and 4.5 allows attackers to elevate privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBUX0107-161",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/advisories/3459"
},
{
"name": "hp-virtualvault-mkacct-privilege-elevation(6867)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6867"
},
{
"name": "VU#420475",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/420475"
},
{
"name": "3072",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3072"
},
{
"name": "L-119",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://ciac.llnl.gov/ciac/bulletins/l-119.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1264",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating System (VVOS) 4.0 and 4.5 allows attackers to elevate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBUX0107-161",
"refsource": "HP",
"url": "http://www.securityfocus.com/advisories/3459"
},
{
"name": "hp-virtualvault-mkacct-privilege-elevation(6867)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6867"
},
{
"name": "VU#420475",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/420475"
},
{
"name": "3072",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3072"
},
{
"name": "L-119",
"refsource": "CIAC",
"url": "http://ciac.llnl.gov/ciac/bulletins/l-119.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1264",
"datePublished": "2002-05-03T04:00:00",
"dateReserved": "2002-05-01T00:00:00",
"dateUpdated": "2024-08-08T04:51:07.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0414
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:14
Severity ?
EPSS score ?
Summary
Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/1214 | vdb-entry, x_refsource_BID | |
| http://archives.neohapsis.com/archives/bugtraq/2000-05/0047.html | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1214",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1214"
},
{
"name": "HPSBUX0005-113",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0047.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-03-02T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1214",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1214"
},
{
"name": "HPSBUX0005-113",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0047.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1214",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1214"
},
{
"name": "HPSBUX0005-113",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0047.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0414",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-06-14T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1439
Vulnerability from cvelistv5
Published
2003-03-18 05:00
Modified
2024-08-08 03:26
Severity ?
EPSS score ?
Summary
Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 (VVOS) Virtualvault 4.0, 4.5, and 4.6 may allow attackers to obtain access to system files.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/hp/2002-q3/0050.html | vendor-advisory, x_refsource_HP | |
| http://www.iss.net/security_center/static/9846.php | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/5459 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:26:28.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBUX0208-211",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/hp/2002-q3/0050.html"
},
{
"name": "hp-vvos-tga-corruption(9846)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9846.php"
},
{
"name": "5459",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5459"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 (VVOS) Virtualvault 4.0, 4.5, and 4.6 may allow attackers to obtain access to system files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBUX0208-211",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://archives.neohapsis.com/archives/hp/2002-q3/0050.html"
},
{
"name": "hp-vvos-tga-corruption(9846)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9846.php"
},
{
"name": "5459",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5459"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1439",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 (VVOS) Virtualvault 4.0, 4.5, and 4.6 may allow attackers to obtain access to system files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBUX0208-211",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/hp/2002-q3/0050.html"
},
{
"name": "hp-vvos-tga-corruption(9846)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9846.php"
},
{
"name": "5459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5459"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1439",
"datePublished": "2003-03-18T05:00:00",
"dateReserved": "2003-02-05T00:00:00",
"dateUpdated": "2024-08-08T03:26:28.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0251
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:14
Severity ?
EPSS score ?
Summary
HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/1090 | vdb-entry, x_refsource_BID | |
| http://archives.neohapsis.com/archives/bugtraq/2000-04/0021.html | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1090",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1090"
},
{
"name": "HPSBUX0004-112",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-04-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1090",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1090"
},
{
"name": "HPSBUX0004-112",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0021.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0251",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1090",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1090"
},
{
"name": "HPSBUX0004-112",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0021.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0251",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-04-26T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0306
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:34
Severity ?
EPSS score ?
Summary
buffer overflow in HP xlock program.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0306 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:34:51.887Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0306"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "buffer overflow in HP xlock program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:13:48",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0306"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0306",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "buffer overflow in HP xlock program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0306",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0306"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0306",
"datePublished": "2000-02-04T05:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:34:51.887Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0057
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
Vacation program allows command execution by remote users through a sendmail command.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9811-087 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBUX9811-087",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9811-087"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Vacation program allows command execution by remote users through a sendmail command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-03-02T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBUX9811-087",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9811-087"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0057",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vacation program allows command execution by remote users through a sendmail command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBUX9811-087",
"refsource": "HP",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9811-087"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0057",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2001-1244
Vulnerability from cvelistv5
Published
2002-05-03 04:00
Modified
2024-08-08 04:51
Severity ?
EPSS score ?
Summary
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/195457 | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/6824 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/2997 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:51:07.750Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20010708 Small TCP packets == very large overhead == DoS?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/195457"
},
{
"name": "tcp-mss-dos(6824)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6824"
},
{
"name": "2997",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2997"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-07-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20010708 Small TCP packets == very large overhead == DoS?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/195457"
},
{
"name": "tcp-mss-dos(6824)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6824"
},
{
"name": "2997",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2997"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20010708 Small TCP packets == very large overhead == DoS?",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/195457"
},
{
"name": "tcp-mss-dos(6824)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6824"
},
{
"name": "2997",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2997"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1244",
"datePublished": "2002-05-03T04:00:00",
"dateReserved": "2002-05-01T00:00:00",
"dateUpdated": "2024-08-08T04:51:07.750Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1408
Vulnerability from cvelistv5
Published
2003-03-18 05:00
Modified
2024-08-08 03:26
Severity ?
EPSS score ?
Summary
Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) "'read-only' community access," and/or (2) an easily guessable community name.
References
| ▼ | URL | Tags |
|---|---|---|
| http://online.securityfocus.com/advisories/4360 | vendor-advisory, x_refsource_HP | |
| http://www.securityfocus.com/bid/5428 | vdb-entry, x_refsource_BID | |
| http://www.iss.net/security_center/static/9814.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:26:28.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBUX0208-208",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4360"
},
{
"name": "5428",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5428"
},
{
"name": "hp-emanate-default-snmp(9814)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9814.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) \"\u0027read-only\u0027 community access,\" and/or (2) an easily guessable community name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBUX0208-208",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4360"
},
{
"name": "5428",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5428"
},
{
"name": "hp-emanate-default-snmp(9814)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9814.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1408",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) \"\u0027read-only\u0027 community access,\" and/or (2) an easily guessable community name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBUX0208-208",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4360"
},
{
"name": "5428",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5428"
},
{
"name": "hp-emanate-default-snmp(9814)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9814.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1408",
"datePublished": "2003-03-18T05:00:00",
"dateReserved": "2003-02-05T00:00:00",
"dateUpdated": "2024-08-08T03:26:28.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0492
Vulnerability from cvelistv5
Published
2004-06-23 04:00
Modified
2024-08-08 00:17
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:17:15.109Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040611 [OpenPKG-SA-2004.029] OpenPKG Security Advisory (apache)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108711172710140\u0026w=2"
},
{
"name": "FLSA:1737",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1737"
},
{
"name": "RHSA-2004:245",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2004-245.html"
},
{
"name": "SSRT090208",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.guninski.com/modproxy1.html"
},
{
"name": "57628",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1"
},
{
"name": "20040610 Buffer overflow in apache mod_proxy,yet still apache much better than windows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html"
},
{
"name": "oval:org.mitre.oval:def:100112",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112"
},
{
"name": "MDKSA-2004:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:065"
},
{
"name": "oval:org.mitre.oval:def:4863",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863"
},
{
"name": "101555",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1"
},
{
"name": "20040605-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc"
},
{
"name": "DSA-525",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-525"
},
{
"name": "HPSBOV02683",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"name": "VU#541310",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/541310"
},
{
"name": "101841",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1"
},
{
"name": "11841",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11841"
},
{
"name": "apache-modproxy-contentlength-bo(16387)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16387"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-06T10:08:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040611 [OpenPKG-SA-2004.029] OpenPKG Security Advisory (apache)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108711172710140\u0026w=2"
},
{
"name": "FLSA:1737",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1737"
},
{
"name": "RHSA-2004:245",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2004-245.html"
},
{
"name": "SSRT090208",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.guninski.com/modproxy1.html"
},
{
"name": "57628",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1"
},
{
"name": "20040610 Buffer overflow in apache mod_proxy,yet still apache much better than windows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html"
},
{
"name": "oval:org.mitre.oval:def:100112",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112"
},
{
"name": "MDKSA-2004:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:065"
},
{
"name": "oval:org.mitre.oval:def:4863",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863"
},
{
"name": "101555",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1"
},
{
"name": "20040605-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc"
},
{
"name": "DSA-525",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-525"
},
{
"name": "HPSBOV02683",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"name": "VU#541310",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/541310"
},
{
"name": "101841",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1"
},
{
"name": "11841",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11841"
},
{
"name": "apache-modproxy-contentlength-bo(16387)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16387"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0492",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040611 [OpenPKG-SA-2004.029] OpenPKG Security Advisory (apache)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108711172710140\u0026w=2"
},
{
"name": "FLSA:1737",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1737"
},
{
"name": "RHSA-2004:245",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2004-245.html"
},
{
"name": "SSRT090208",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"name": "http://www.guninski.com/modproxy1.html",
"refsource": "MISC",
"url": "http://www.guninski.com/modproxy1.html"
},
{
"name": "57628",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1"
},
{
"name": "20040610 Buffer overflow in apache mod_proxy,yet still apache much better than windows",
"refsource": "FULLDISC",
"url": "http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html"
},
{
"name": "oval:org.mitre.oval:def:100112",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112"
},
{
"name": "MDKSA-2004:065",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:065"
},
{
"name": "oval:org.mitre.oval:def:4863",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863"
},
{
"name": "101555",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1"
},
{
"name": "20040605-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc"
},
{
"name": "DSA-525",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-525"
},
{
"name": "HPSBOV02683",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"name": "VU#541310",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/541310"
},
{
"name": "101841",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1"
},
{
"name": "11841",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11841"
},
{
"name": "apache-modproxy-contentlength-bo(16387)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16387"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0492",
"datePublished": "2004-06-23T04:00:00",
"dateReserved": "2004-05-27T00:00:00",
"dateUpdated": "2024-08-08T00:17:15.109Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1793
Vulnerability from cvelistv5
Published
2005-06-28 04:00
Modified
2024-09-17 03:23
Severity ?
EPSS score ?
Summary
HTTP Server mod_ssl module running on HP-UX 11.04 with Virtualvault OS (VVOS) 4.5 through 4.6 closes the connection when the Apache server times out during an SSL request, which may allow attackers to cause a denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/5791 | vdb-entry, x_refsource_BID | |
| http://online.securityfocus.com/advisories/4502 | vendor-advisory, x_refsource_HP | |
| http://www.iss.net/security_center/static/10206.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:34:56.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5791",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5791"
},
{
"name": "HPSBUX0209-220",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4502"
},
{
"name": "hp-vvos-modssl-dos(10206)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10206.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HTTP Server mod_ssl module running on HP-UX 11.04 with Virtualvault OS (VVOS) 4.5 through 4.6 closes the connection when the Apache server times out during an SSL request, which may allow attackers to cause a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-28T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5791",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5791"
},
{
"name": "HPSBUX0209-220",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4502"
},
{
"name": "hp-vvos-modssl-dos(10206)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10206.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1793",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HTTP Server mod_ssl module running on HP-UX 11.04 with Virtualvault OS (VVOS) 4.5 through 4.6 closes the connection when the Apache server times out during an SSL request, which may allow attackers to cause a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5791",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5791"
},
{
"name": "HPSBUX0209-220",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4502"
},
{
"name": "hp-vvos-modssl-dos(10206)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10206.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1793",
"datePublished": "2005-06-28T04:00:00Z",
"dateReserved": "2005-06-28T04:00:00Z",
"dateUpdated": "2024-09-17T03:23:22.705Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0014
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
Unauthorized privileged access or denial of service via dtappgather program in CDE.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9801-075 | vendor-advisory, x_refsource_HP | |
| http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/185 | vendor-advisory, x_refsource_SUN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:56.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBUX9801-075",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9801-075"
},
{
"name": "00185",
"tags": [
"vendor-advisory",
"x_refsource_SUN",
"x_transferred"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/185"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unauthorized privileged access or denial of service via dtappgather program in CDE."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBUX9801-075",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9801-075"
},
{
"name": "00185",
"tags": [
"vendor-advisory",
"x_refsource_SUN"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/185"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unauthorized privileged access or denial of service via dtappgather program in CDE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBUX9801-075",
"refsource": "HP",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9801-075"
},
{
"name": "00185",
"refsource": "SUN",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/185"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0014",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:56.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1332
Vulnerability from cvelistv5
Published
2005-01-06 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=110797179710695&w=2 | vendor-advisory, x_refsource_HP | |
| http://securitytracker.com/id?1012650 | vdb-entry, x_refsource_SECTRACK | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.securityfocus.com/bid/12077 | vdb-entry, x_refsource_BID | |
| http://marc.info/?l=bugtraq&m=110797179710695&w=2 | vendor-advisory, x_refsource_HP | |
| http://www.kb.cert.org/vuls/id/647438 | third-party-advisory, x_refsource_CERT-VN | |
| http://secunia.com/advisories/13608 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18636 | vdb-entry, x_refsource_XF | |
| http://www.idefense.com/application/poi/display?id=175&type=vulnerabilities&flashstatus=false | third-party-advisory, x_refsource_IDEFENSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBUX01118",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
},
{
"name": "1012650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012650"
},
{
"name": "oval:org.mitre.oval:def:5701",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701"
},
{
"name": "12077",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12077"
},
{
"name": "SSRT4883",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
},
{
"name": "VU#647438",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/647438"
},
{
"name": "13608",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13608"
},
{
"name": "hp-ftpd-bo(18636)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18636"
},
{
"name": "20041221 Hewlett Packard HP-UX ftpd Remote Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=175\u0026type=vulnerabilities\u0026flashstatus=false"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBUX01118",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
},
{
"name": "1012650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012650"
},
{
"name": "oval:org.mitre.oval:def:5701",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701"
},
{
"name": "12077",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12077"
},
{
"name": "SSRT4883",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
},
{
"name": "VU#647438",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/647438"
},
{
"name": "13608",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13608"
},
{
"name": "hp-ftpd-bo(18636)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18636"
},
{
"name": "20041221 Hewlett Packard HP-UX ftpd Remote Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=175\u0026type=vulnerabilities\u0026flashstatus=false"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1332",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBUX01118",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
},
{
"name": "1012650",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012650"
},
{
"name": "oval:org.mitre.oval:def:5701",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701"
},
{
"name": "12077",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12077"
},
{
"name": "SSRT4883",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
},
{
"name": "VU#647438",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/647438"
},
{
"name": "13608",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13608"
},
{
"name": "hp-ftpd-bo(18636)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18636"
},
{
"name": "20041221 Hewlett Packard HP-UX ftpd Remote Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=175\u0026type=vulnerabilities\u0026flashstatus=false"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1332",
"datePublished": "2005-01-06T05:00:00",
"dateReserved": "2005-01-06T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0992
Vulnerability from cvelistv5
Published
2000-01-18 05:00
Modified
2024-08-01 16:55
Severity ?
EPSS score ?
Summary
HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP).
References
| ▼ | URL | Tags |
|---|---|---|
| http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9912-107 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:55:29.306Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBUX9912-107",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9912-107"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-12-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBUX9912-107",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9912-107"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0992",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBUX9912-107",
"refsource": "HP",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9912-107"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0992",
"datePublished": "2000-01-18T05:00:00",
"dateReserved": "1999-12-21T00:00:00",
"dateUpdated": "2024-08-01T16:55:29.306Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0965
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
EPSS score ?
Summary
The NSAPI plugins for TGA and the Java Servlet proxy in HP-UX VVOS 10.24 and 11.04 allows an attacker to cause a denial of service (high CPU utilization).
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/5361 | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/hp/2000-q4/0012.html | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:37:32.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "hp-virtualvault-nsapi-dos(5361)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5361"
},
{
"name": "HPSBUX0010-124",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/hp/2000-q4/0012.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-10-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The NSAPI plugins for TGA and the Java Servlet proxy in HP-UX VVOS 10.24 and 11.04 allows an attacker to cause a denial of service (high CPU utilization)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-03-02T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "hp-virtualvault-nsapi-dos(5361)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5361"
},
{
"name": "HPSBUX0010-124",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://archives.neohapsis.com/archives/hp/2000-q4/0012.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0965",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The NSAPI plugins for TGA and the Java Servlet proxy in HP-UX VVOS 10.24 and 11.04 allows an attacker to cause a denial of service (high CPU utilization)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "hp-virtualvault-nsapi-dos(5361)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5361"
},
{
"name": "HPSBUX0010-124",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/hp/2000-q4/0012.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0965",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-11-24T00:00:00",
"dateUpdated": "2024-08-08T05:37:32.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2003-04-11 04:00
Modified
2024-11-20 23:41
Severity ?
Summary
Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 (VVOS) Virtualvault 4.0, 4.5, and 4.6 may allow attackers to obtain access to system files.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/hp/2002-q3/0050.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.iss.net/security_center/static/9846.php | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/5459 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/hp/2002-q3/0050.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/9846.php | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/5459 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | virtualvault | 4.0 | |
| hp | virtualvault | 4.5 | |
| hp | virtualvault | 4.6 | |
| hp | vvos | 11.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:virtualvault:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7179CB7C-CD63-421E-AD9E-0422020D7963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:virtualvault:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2609CA23-B892-428D-93D1-D210B8D5741D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:virtualvault:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "129075F9-F03E-4298-8515-5A046816C7C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:vvos:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "1D462D6F-EB68-4E31-87FD-D918F5DEF3FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 (VVOS) Virtualvault 4.0, 4.5, and 4.6 may allow attackers to obtain access to system files."
},
{
"lang": "es",
"value": "Vulnerabilidad desconocida relacionada con la corrupci\u00f3n del stack en el demonio TGA para HP-UX 11.04 (WOS) Virtualvault 4.0, 4.5, y 4.6 permite que atacantes tengan acceso al sistema de ficheros."
}
],
"id": "CVE-2002-1439",
"lastModified": "2024-11-20T23:41:18.557",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-04-11T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/hp/2002-q3/0050.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/9846.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/hp/2002-q3/0050.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/9846.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5459"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-01-21 05:00
Modified
2024-11-20 23:27
Severity ?
Summary
Unauthorized privileged access or denial of service via dtappgather program in CDE.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cde:cde:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F2611013-0EF4-4FDD-AB86-DAB93D50528D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cde:cde:1.01_x86:*:*:*:*:*:*:*",
"matchCriteriaId": "87B56680-D05B-49BB-8962-2DDD84DF9824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cde:cde:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "05D7A888-6739-4D80-9807-E2AA983DAEDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cde:cde:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0409D8C4-A512-492A-9093-CE1E78E1426E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cde:cde:1.02_x86:*:*:*:*:*:*:*",
"matchCriteriaId": "25543AC5-A778-4EF6-8ACD-3841268EADBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cde:cde:1.2_x86:*:*:*:*:*:*:*",
"matchCriteriaId": "38748ACD-16B2-40A5-8E5A-681B2F2DF8BC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "38BFA923-7D80-4F01-AF9F-6F13209948AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:vvos:10.24:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B7C178-4BE6-4397-A4E2-01375E4CA978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "11ACD012-F05F-45CD-A170-96CBAA42FFE4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unauthorized privileged access or denial of service via dtappgather program in CDE."
}
],
"id": "CVE-1999-0014",
"lastModified": "2024-11-20T23:27:36.817",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-01-21T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/185"
},
{
"source": "cve@mitre.org",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9801-075"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9801-075"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-12-19 05:00
Modified
2024-11-20 23:33
Severity ?
Summary
The NSAPI plugins for TGA and the Java Servlet proxy in HP-UX VVOS 10.24 and 11.04 allows an attacker to cause a denial of service (high CPU utilization).
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:vvos:10.24:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B7C178-4BE6-4397-A4E2-01375E4CA978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:vvos:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "1D462D6F-EB68-4E31-87FD-D918F5DEF3FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The NSAPI plugins for TGA and the Java Servlet proxy in HP-UX VVOS 10.24 and 11.04 allows an attacker to cause a denial of service (high CPU utilization)."
}
],
"id": "CVE-2000-0965",
"lastModified": "2024-11-20T23:33:41.727",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-12-19T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/hp/2000-q4/0012.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/hp/2000-q4/0012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5361"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2024-11-20 23:42
Severity ?
Summary
HTTP Server mod_ssl module running on HP-UX 11.04 with Virtualvault OS (VVOS) 4.5 through 4.6 closes the connection when the Apache server times out during an SSL request, which may allow attackers to cause a denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | virtualvault | 4.5 | |
| hp | virtualvault | 4.6 | |
| hp | vvos | 11.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:virtualvault:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2609CA23-B892-428D-93D1-D210B8D5741D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:virtualvault:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "129075F9-F03E-4298-8515-5A046816C7C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:vvos:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "1D462D6F-EB68-4E31-87FD-D918F5DEF3FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HTTP Server mod_ssl module running on HP-UX 11.04 with Virtualvault OS (VVOS) 4.5 through 4.6 closes the connection when the Apache server times out during an SSL request, which may allow attackers to cause a denial of service."
}
],
"id": "CVE-2002-1793",
"lastModified": "2024-11-20T23:42:08.407",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/advisories/4502"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.iss.net/security_center/static/10206.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/5791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/advisories/4502"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.iss.net/security_center/static/10206.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/5791"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-04-06 04:00
Modified
2024-11-20 23:32
Severity ?
Summary
HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F038B325-A982-43FB-9146-E103CCFB5C41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:vvos:3.50:*:*:*:*:*:*:*",
"matchCriteriaId": "C74B2BE9-2A39-4F69-9DF5-86985E7FB394",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses."
}
],
"id": "CVE-2000-0251",
"lastModified": "2024-11-20T23:32:04.340",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-04-06T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0021.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1090"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1090"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-07-19 04:00
Modified
2024-11-20 23:37
Severity ?
Summary
Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating System (VVOS) 4.0 and 4.5 allows attackers to elevate privileges.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "9B7A7B90-9086-4A10-8FB4-1C1D909BC173",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:vvos:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "23EB7024-F73B-459A-9054-84DE34013841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:vvos:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "801D6635-807A-4749-915C-7DFEB3C57A5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating System (VVOS) 4.0 and 4.5 allows attackers to elevate privileges."
}
],
"id": "CVE-2001-1264",
"lastModified": "2024-11-20T23:37:16.957",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-07-19T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://ciac.llnl.gov/ciac/bulletins/l-119.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/420475"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/advisories/3459"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/3072"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://ciac.llnl.gov/ciac/bulletins/l-119.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/420475"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/advisories/3459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/3072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6867"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-04-11 04:00
Modified
2024-11-20 23:41
Severity ?
Summary
Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) "'read-only' community access," and/or (2) an easily guessable community name.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://online.securityfocus.com/advisories/4360 | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | http://www.iss.net/security_center/static/9814.php | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/5428 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://online.securityfocus.com/advisories/4360 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/9814.php | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/5428 | Exploit, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | openview_emanate_snmp_agent | 14.2 | |
| hp | vvos | 11.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:openview_emanate_snmp_agent:14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F16FD70C-9FD3-478A-8272-E54BC98598CD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:vvos:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "1D462D6F-EB68-4E31-87FD-D918F5DEF3FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) \"\u0027read-only\u0027 community access,\" and/or (2) an easily guessable community name."
},
{
"lang": "es",
"value": "Vulnerabilidad o vulnerabilidades desconocidas en m\u00f3dulos SNMP de HP OpenView EMANATE 14.2 SNMP permite que el nombre de comunidad de lectura y escritura quede expuesto, vulnerabilidad relacionada con \"acceso de comunidad de s\u00f3lo lectura\" y/o \"nombre de comunidad f\u00e1cil de adivinar\"."
}
],
"id": "CVE-2002-1408",
"lastModified": "2024-11-20T23:41:14.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-04-11T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/advisories/4360"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/9814.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/advisories/4360"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/9814.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5428"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-05-04 04:00
Modified
2024-11-20 23:32
Severity ?
Summary
Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "38BFA923-7D80-4F01-AF9F-6F13209948AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:vvos:10.24:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B7C178-4BE6-4397-A4E2-01375E4CA978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:vvos:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "1D462D6F-EB68-4E31-87FD-D918F5DEF3FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables."
}
],
"id": "CVE-2000-0414",
"lastModified": "2024-11-20T23:32:27.050",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-05-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0047.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1214"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0047.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1214"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*",
"matchCriteriaId": "53BBFE9A-6846-4625-91AC-47AA0BC0933A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "38BFA923-7D80-4F01-AF9F-6F13209948AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*",
"matchCriteriaId": "4259A901-A1CF-44EE-80C4-2031D3FCADC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F038B325-A982-43FB-9146-E103CCFB5C41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11i:*:*:*:*:*:*:*",
"matchCriteriaId": "C10245E1-C95C-4219-92C9-888E5966ABF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD0DC0A-ACAD-4870-9C0F-3095F2AC8CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*",
"matchCriteriaId": "32310AFE-38CC-4C6C-AE13-54C18720F2C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux_series_700:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "8B369244-5327-4946-9C49-AC93AE75866B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux_series_800:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A40F1951-2AC6-402E-95D6-19ECC3F695F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:sis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC3AECB-D8A1-413E-BC9B-7245B386FCE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:vvos:10.24:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B7C178-4BE6-4397-A4E2-01375E4CA978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:vvos:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "1D462D6F-EB68-4E31-87FD-D918F5DEF3FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request."
}
],
"id": "CVE-2004-1332",
"lastModified": "2024-11-20T23:50:37.460",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/13608"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1012650"
},
{
"source": "cve@mitre.org",
"url": "http://www.idefense.com/application/poi/display?id=175\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/647438"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/12077"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18636"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/13608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1012650"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.idefense.com/application/poi/display?id=175\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/647438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/12077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-11-16 05:00
Modified
2024-11-20 23:27
Severity ?
Summary
Vacation program allows command execution by remote users through a sendmail command.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eric_allman:vacation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F37FF4C2-CCFE-4B9A-A814-B0F7AD6E012E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:stable:*:*:*:*:*:*",
"matchCriteriaId": "32FCB0B3-8FBE-49FA-B17E-0D5462C9E5B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:9:*:*:*:*:*:*:*",
"matchCriteriaId": "5E54D276-792B-40D2-B39B-5050028DE988",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.00:*:*:*:*:*:*:*",
"matchCriteriaId": "3187435B-C052-4DBA-AA79-F8AC0287EE14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.09:*:*:*:*:*:*:*",
"matchCriteriaId": "066D4E93-366F-42D4-B27D-8AF981F5F2AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*",
"matchCriteriaId": "4259A901-A1CF-44EE-80C4-2031D3FCADC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:vvos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AADED85-FA20-4D93-8921-A4933181ADF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*",
"matchCriteriaId": "469B74F2-4B89-42B8-8638-731E92D463B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11AEFEC9-5DB4-44CB-977D-6561DC1680C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vacation program allows command execution by remote users through a sendmail command."
}
],
"id": "CVE-1999-0057",
"lastModified": "2024-11-20T23:27:44.273",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-11-16T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9811-087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9811-087"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-01-18 05:00
Modified
2024-11-20 23:30
Severity ?
Summary
HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP).
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:vvos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AADED85-FA20-4D93-8921-A4933181ADF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP)."
}
],
"id": "CVE-1999-0992",
"lastModified": "2024-11-20T23:30:01.227",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-01-18T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9912-107"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9912-107"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-07-07 04:00
Modified
2024-11-20 23:37
Severity ?
Summary
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freebsd | freebsd | 4.3 | |
| hp | hp-ux | 11.00 | |
| hp | hp-ux | 11.0.4 | |
| hp | hp-ux | 11.11 | |
| hp | vvos | 11.04 | |
| linux | linux_kernel | 2.4.0 | |
| linux | linux_kernel | 2.4.1 | |
| linux | linux_kernel | 2.4.2 | |
| linux | linux_kernel | 2.4.3 | |
| linux | linux_kernel | 2.4.4 | |
| linux | linux_kernel | 2.4.5 | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5.1 | |
| openbsd | openbsd | 2.8 | |
| openbsd | openbsd | 2.9 | |
| sun | sunos | 5.5.1 | |
| sun | sunos | 5.7 | |
| sun | sunos | 5.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB008E3-9A00-4D28-8826-A9FCC9F65314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:vvos:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "1D462D6F-EB68-4E31-87FD-D918F5DEF3FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:workstation:*:*:*:*:*",
"matchCriteriaId": "FE4E91DD-FA6B-4735-A07C-0A88BADCAFCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E53CDA8E-50A8-4509-B070-CCA5604FFB21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5BDCBCB8-DAA3-465F-ADDE-9143B8251989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "B86E0671-ED68-4549-B3AC-FD8BD79B0860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "BB76E7EC-C396-4537-9065-4E815DA7097C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "4CD026E2-B073-40A6-AD4A-8C76B9169B01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:*:*:*:*:*:*",
"matchCriteriaId": "DBFB3E49-3FB5-4947-856D-727CBFFBA543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:*:*:*:*:*:*",
"matchCriteriaId": "B9236480-6450-42E1-B1FF-F336488A683A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:*:*:*:*:*:*",
"matchCriteriaId": "14F55877-A759-4C8A-84D5-70508E449799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "80EB24F0-46A7-481B-83ED-8BB012AE0C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AA6AEAF0-FA61-4A3F-A083-1218C2027781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process."
}
],
"id": "CVE-2001-1244",
"lastModified": "2024-11-20T23:37:14.187",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-07-07T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/195457"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2997"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6824"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/195457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2997"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6824"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-11-04 05:00
Modified
2024-11-20 23:28
Severity ?
Summary
buffer overflow in HP xlock program.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:vvos:10.24:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B7C178-4BE6-4397-A4E2-01375E4CA978",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "buffer overflow in HP xlock program."
}
],
"id": "CVE-1999-0306",
"lastModified": "2024-11-20T23:28:22.873",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-11-04T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0306"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0306"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-06 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | http_server | 1.3.26 | |
| apache | http_server | 1.3.27 | |
| apache | http_server | 1.3.28 | |
| apache | http_server | 1.3.29 | |
| apache | http_server | 1.3.31 | |
| hp | virtualvault | 11.0.4 | |
| hp | webproxy | 2.0 | |
| hp | webproxy | 2.1 | |
| ibm | http_server | 1.3.26 | |
| ibm | http_server | 1.3.26.1 | |
| ibm | http_server | 1.3.26.2 | |
| ibm | http_server | 1.3.28 | |
| sgi | propack | 2.4 | |
| hp | vvos | 11.04 | |
| openbsd | openbsd | * | |
| openbsd | openbsd | 3.4 | |
| openbsd | openbsd | 3.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E130104B-86F5-411E-8AC0-9B4B780BCA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*",
"matchCriteriaId": "0E62E621-74DA-4D99-A79C-AD2B85896A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:*",
"matchCriteriaId": "2C577188-BD56-4571-A61A-1684DC9E9DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3A4CD9-1E96-4D3B-938D-F2D15855B0DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:1.3.31:*:*:*:*:*:*:*",
"matchCriteriaId": "4058CE14-1CC8-42FD-A6BD-6869C1610E57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:virtualvault:11.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8853E4-FEA2-4760-8734-5110D785F3F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:webproxy:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFE6E5A-6D37-494F-B9E5-37116DDC120A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:webproxy:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8BA3FB4-63B7-4B3E-A2EA-137B93D076DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:http_server:1.3.26:*:*:*:*:*:*:*",
"matchCriteriaId": "9F43768E-F635-4A5E-892E-F8A732AC9F96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:http_server:1.3.26.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE51E2D-29DA-41D8-824A-05FD4D208ABB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:http_server:1.3.26.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7581135B-5A4C-48DA-8FCC-A06FB0C22072",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:http_server:1.3.28:*:*:*:*:*:*:*",
"matchCriteriaId": "B4ED546C-D170-475B-9BB5-F23EAAD8B035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:vvos:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "1D462D6F-EB68-4E31-87FD-D918F5DEF3FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA3CDD3C-DBA6-4BA2-967D-AD746822F3CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BDA160D4-5CAB-44E7-880A-59DD98FEAD62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en el mont\u00f3n en proxy_util.c de mod_proxy en Apache 1.3.25 a 1.3.31 permite a atacantes remotos causar un denegaci\u00f3n de servicio (ca\u00edda del proceso) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante un campo de cabecera HTTP Content-Length negativo, lo que causa que una gran cantidad de datos sean copiados."
}
],
"id": "CVE-2004-0492",
"lastModified": "2024-11-20T23:48:42.620",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-06T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108711172710140\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2004-245.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/11841"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-525"
},
{
"source": "cve@mitre.org",
"url": "http://www.guninski.com/modproxy1.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/541310"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:065"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1737"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16387"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108711172710140\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2004-245.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/11841"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.guninski.com/modproxy1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/541310"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1737"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Fixed in Apache HTTP Server 1.3.32:\nhttp://httpd.apache.org/security/vulnerabilities_13.html",
"lastModified": "2008-07-02T00:00:00",
"organization": "Apache"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}