Description
The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Kyong-won Cho · textlocalhp-ux
https://www.exploit-db.com/exploits/20162
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/5131
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/1602
Exploit mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-08/0261.html
Scores
EPSS
0.0025
EPSS Percentile
47.9%
Details
Status
published
Products (1)
hp/hp-ux
11.00
Published
Oct 20, 2000
Tracked Since
Feb 18, 2026