Orange Applications for Business
version française
Vigil@nce Vigil@nce Vigil@nce
analyzing computer vulnerabilities since 1999
  home presentation vulnerabilities documentation contact  
subscriber area subscriber area
subscriber area free trial
subscriber area
The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
recent vulnerabilities recent vulnerabilities
tracked products tracked products
RSS feed RSS feed
vulnerable product
Vulnerabilities of HP-UX

HP-UX vulnerability: clear text session via SKIP-TLS
An attacker, who has a TLS server, can force the JSSE, CyaSSL, Mono or OpenSSL client/server to use a clear text session, in order to allow a third party to capture or alter exchanged data.

HP-UX vulnerability: NULL pointer dereference via ssl23_get_client_hello
An attacker can force a NULL pointer to be dereferenced in ssl23_get_client_hello() of OpenSSL, in order to trigger a denial of service.

HP-UX vulnerability: privilege escalation via libpam_updbe
An attacker can use libpam_updbe of HP-UX, in order to escalate his privileges.

HP-UX vulnerability: memory leak via Session Ticket
An attacker can use a malicious Session Ticket, to create a memory leak in OpenSSL, in order to trigger a denial of service.

HP-UX vulnerability: Cross Site Request Forgery of SMH
An attacker can trigger a Cross Site Request Forgery in SMH of HP-UX, in order to force the victim to perform operations.

Display other vulnerabilities of HP-UX described by Vigil@nce...

Display information about HP-UX:

Copyright 1999-2015 Vigil@nce. Vigil@nce is a service from Orange Applications for Business. Site map. Legal notice.