Description
registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to which registrar appends log information and sets the permissions to be world readable.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by J.A. Gutierrez · textlocalhp-ux
https://www.exploit-db.com/exploits/20386
References (2)
Core 2
Core References
Exploit, Patch, Vendor Advisory mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/143845
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/1919
Scores
EPSS
0.0147
EPSS Percentile
81.0%
Details
Status
published
Products (1)
hp/hp-ux
10.20
Published
Jan 09, 2001
Tracked Since
Feb 18, 2026