CVE-2000-0702

Name of the Vulnerable Software and Affected Versions HP-UX version 11.00

Description The issue allows local users to overwrite arbitrary files via a symlink attack. This is achieved by creating a symlink from /tmp/stcp.conf to the targeted file, exploiting the net.init rc script in HP-UX.

Recommendations For HP-UX version 11.00, consider restricting access to the /tmp/stcp.conf file to prevent symlink attacks until a patch is available. As a temporary workaround, monitor the /tmp directory for suspicious symlinks and remove them promptly to minimize the risk of exploitation.