Hp ≫ Hp-ux

The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the system to be used as a packet amplifier.

The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands.

The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command.

Multiple unknown vulnerabilities in the "r-cmnds" (1) remshd, (2) rexecd, (3) rlogind, (4) rlogin, (5) remsh, (6) rcp, (7) rexec, and (8) rdist for HP-UX 10.00 through 11.00 allow attackers to gain privileges or access files.

Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11.x.

HP CDE program includes the current directory in root's PATH variable.

Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).

The default FTP configuration in HP Visualize Conference allows conference users to send a file to other participants without authorization.

Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL.

ftp on HP-UX 11.00 allows local users to gain privileges.