📦

tru64

Vendor: compaq

Actively Exploited 0 CISA KEV List

PoC / Exploits 11 Code Available

Total RCEs 11 Remote Access

Total CVEs 12 Total Indexed

Avg. EPSS 3.15% Exploit Prob.

Latest CVE CVE-2008-4414 Nov 07

Security Vulnerability Index

Page 1 / 2

7.2 CVSS

CVE-2008-4414

Unspecified vulnerability in the AdvFS showfile command in HP Tru64 UNIX 5.1B-3 and 5.1B-4 allows local users to gain privileges via unspecified vectors.

EPSS: 0.08%

Severity: HIGH

Nov 07, 2008

4.9 CVSS

CVE-2007-6519

Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors.

EPSS: 0.08%

Severity: MEDIUM

Dec 24, 2007

10.0 CVSS

CVE-2007-2791

Exploit Found

Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows remote attackers to identify valid users via unspecified vectors, probably related to timing attacks and AuthInteractiveFailureRandomTimeout.

EPSS: 6.92%

Severity: HIGH

May 22, 2007

7.2 CVSS

CVE-2007-2553

Exploit Found

Unspecified vulnerability in dop in HP Tru64 UNIX 5.1B-4, 5.1B-3, and 5.1A PK6 allows local users to gain privileges via a large amount of data in the environment, as demonstrated by a long environment variable.

EPSS: 0.39%

Severity: HIGH

May 09, 2007

2.1 CVSS

CVE-2007-0805

Exploit Found

The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the "auxewww" argument, a similar issue to CVE-1999-1587.

EPSS: 0.87%

Severity: LOW

Feb 07, 2007

7.2 CVSS

CVE-2006-6418

Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5.1A PK6 allows local users to gain root privileges via a long PTHREAD_CONFIG environment variable.

EPSS: 0.19%

Severity: HIGH

Dec 10, 2006

4.6 CVSS

CVE-2006-5452

Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.

EPSS: 0.26%

Severity: MEDIUM

Oct 23, 2006

1.7 CVSS

CVE-2005-2993

Unspecified vulnerability in the FTP Daemon (ftpd) for HP Tru64 UNIX 4.0F PK8 and other versions up to HP Tru64 UNIX 5.1B-3, and HP-UX B.11.00, B.11.04, B.11.11, and B.11.23, allows remote authenticated users to cause a denial of service (hang).

EPSS: 0.18%

Severity: LOW

Sep 20, 2005

2.1 CVSS

CVE-2005-0719

Unknown vulnerability in the systems message queue in HP Tru64 Unix 4.0F PK8 through 5.1B-2/PK4 allows local users to cause a denial of service (process crash) for processes such as nfsstat, pfstat, arp, ogated, rarpd, route, sendmail, srconfig, strsetup, trpt, netstat, and xntpd.

EPSS: 0.09%

Severity: LOW

Mar 09, 2005

5.1 CVSS

CVE-2004-2678

Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and PK3(BL24), and 5.1A PK6(BL24), when using IPsec/IKE (Internet Key Exchange) with Certificates, allows remote attackers to gain privileges via unknown attack vectors.

EPSS: 0.80%

Severity: MEDIUM

Dec 31, 2004

Displaying 10 of 12 Total Entries

1 2

Total 2 Sections