CVE-2000-0702
HP-UX 11.00 - Arbitrary File Overwrite via Symlink Attack on /tmp/stcp.conf
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2000-0702. PoCs published by Kyong-won Cho.
AI-analyzed exploit summary This exploit leverages a symbolic link vulnerability in HP-UX 11.0 where the CLEAR_TMP option is enabled. By creating a symbolic link in /tmp/stcp.conf, an attacker can overwrite arbitrary files during system reboot due to improper handling in the net.init and clean_tmps scripts.
Description
The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file.
Exploits (1)
This exploit leverages a symbolic link vulnerability in HP-UX 11.0 where the CLEAR_TMP option is enabled. By creating a symbolic link in /tmp/stcp.conf, an attacker can overwrite arbitrary files during system reboot due to improper handling in the net.init and clean_tmps scripts.