Lucene search

MitreCVE-2000-0702

HistoryJan 22, 2001 - 5:00 a.m.

CVE-2000-0702

2001-01-2205:00:00

mitre

web.nvd.nist.gov

hp-ux 11.00

net.init

rc script

local users

overwrite files

symlink attack

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.7

Confidence

High

EPSS

Percentile

0.4%

JSON

The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file.

Affected configurations

Nvd

Node

hphp-uxMatch11.00

VendorProductVersionCPE
hphp-ux11.00cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hp	hp-ux	11.00	cpe:2.3:o:hp:hp-ux:11.00:::::::*

References

archives.neohapsis.com/archives/bugtraq/2000-08/0261.html

www.securityfocus.com/bid/1602

exchange.xforce.ibmcloud.com/vulnerabilities/5131

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.7

Confidence

High

EPSS

Percentile

0.4%

JSON

Related for CVE-2000-0702