Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0702

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2000-0702
Last Modified 05 Sep 2008 04:21:40
Published 20 Oct 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2000-0702

Summary

The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file.

Vulnerable Systems

Operating System

  • Hp-ux 11.00


References

BID - 1602

BUGTRAQ - 20000821 [HackersLab bugpaper] HP-UX net.init rc script

XF - hp-netinit-symlink


Last Updated: 27 May 2016 10:35:50