CVE-2000-0515
published 2000-06-07CVE-2000-0515: The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX 11.0 is world writable, which allows local users to modify SNMP configuration or gain…
PriorityP338critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
8.36%
94.3th percentile
The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX 11.0 is world writable, which allows local users to modify SNMP configuration or gain privileges.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft Word 2000 - Code Execution
exploitdb·2007-02-03
CVE-2007-0515 Microsoft Word 2000 - Code Execution
Microsoft Word 2000 - Code Execution
---
############ use at your own risk *******
+ Title: Microsoft Word 2000 Unspecified Code Execution Vulnerability Exploit (0-day)
+ code by xCuter (BongGoo Kang - [email protected])
+ Critical: High Critical
+ Impact: MS Word 2000 -> Could Allow Arbitrary Command Execution
MS word 2003 -> Attempts against Word 2003/XP will consume all CPU resources and will cause a denial of service
+ Where: From remote
+ Tested Operating System: Windows XP SP2 FULL PATCHED (Korean Language)
+ Tested Software: Microsoft(R) Word 2000 (9.0.2720)
+ Solution: Not Patched (zero-day)
+ Description:
When a user opens a specially crafted Word file using a malformed string,
it may corrupt system memory in such a way that an attacker could execute arbitrary code
Exploit-DB
Microsoft Word 2000 - Malformed Function Code Execution
exploitdb·2007-01-25
CVE-2007-0515 Microsoft Word 2000 - Malformed Function Code Execution
Microsoft Word 2000 - Malformed Function Code Execution
---
source: https://www.securityfocus.com/bid/22225/info
Microsoft Word 2000 is prone to a remote code-execution vulnerability.
Microsoft Word 2000 is confirmed vulnerable to a remote code-execution issue. Exploit attempts against Word 2003/XP will consume all CPU resources and will cause a denial of service for legitimate users.
Note that this issue is distinct from issues described in BID 21589 (Microsoft Word Code Execution Vulnerability), BID 21451 (Microsoft Word Malformed String Remote Code Execution Vulnerability), and BID 21518 (Microsoft Word Malformed Data Structures Code Execution Vulnerability).
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/29524.doc
Exploit-DB
HP-UX 10.20/11.0 - '.SNMPD' File Permission
exploitdb·2000-06-07
CVE-2000-0515 HP-UX 10.20/11.0 - '.SNMPD' File Permission
HP-UX 10.20/11.0 - '.SNMPD' File Permission
---
source: https://www.securityfocus.com/bid/1327/info
A vulnerability exists in the snmpd included with HPUX 11, from Hewlett Packard. The configuration file for the snmpd is world writable. This could allow any user on the system to view and/or alter the settings of the snmp daemon. This in turn could be used to alter the configuration of the system, including, but not limited to, routing, addressing, arp caches, the status of connections, and so on. It is also possible this could be used to elevate access levels.
Another vulnerability exists which allows users to redirect the logging location of snmpd to an alternate location, using symbolic links. This file is in a mode 777 directory, so any user can remove a file that already exists. Us
No writeups or analysis indexed.
http://www.securityfocus.com/bid/1327http://www.securityfocus.com/templates/archive.pike?list=1&msg=200006070511.OAA05492%40dogfoot.hackerslab.orghttp://www.securityfocus.com/templates/archive.pike?list=1&msg=200006090640.XAA00779%40hpchs.cup.hp.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/4643http://www.securityfocus.com/bid/1327http://www.securityfocus.com/templates/archive.pike?list=1&msg=200006070511.OAA05492%40dogfoot.hackerslab.orghttp://www.securityfocus.com/templates/archive.pike?list=1&msg=200006090640.XAA00779%40hpchs.cup.hp.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/4643
2000-06-07
Published