Vulnerabilities > CVE-2000-0702 - Unspecified vulnerability in HP Hp-Ux 11.00

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

exploit available

NVD

Published: 2000-10-20

Updated: 2017-10-10

Summary

The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file.

Vulnerable Configurations

Part	Description	Count
OS	Hp HP HP UX 11.00	1

Exploit-Db

description	HP-UX 11.0 net.init RC Script Vulnerability. CVE-2000-0702. Local exploit for hp-ux platform
id	EDB-ID:20162
last seen	2016-02-02
modified	2000-08-22
published	2000-08-22
reporter	Kyong-won Cho
source	https://www.exploit-db.com/download/20162/
title	HP-UX 11.0 net.init RC Script Vulnerability

References

http://archives.neohapsis.com/archives/bugtraq/2000-08/0261.html
http://www.securityfocus.com/bid/1602
https://exchange.xforce.ibmcloud.com/vulnerabilities/5131