Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-1127HP Hp-ux vulnerability

5 documents4 sources
Severity
3.6LOWNVD
EPSS
1.5%
top 19.03%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
HP Hp-ux
Timeline
PublishedJan 9
Latest updateApr 30

Description

registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to which registrar appends log information and sets the permissions to be world readable.

CVSS vector

AV:L/AC:L/C:P/I:P/A:NExploitability: 3.9 | Impact: 4.9

Affected Packages1 packages

NVDhp/hp-ux10.20

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-r6hg-vfqv-94j7: registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar2022-04-30
CVEList
CVE-2000-1127: registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar2000-12-19

💥Exploits & PoCs

2
Exploit-DB
Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling Due to Negative nAxes2019-07-10
Exploit-DB
HP-UX 10.20 - registrar Local Arbitrary File Read2000-11-08
CVE-2000-1127 — HP Hp-ux vulnerability | cvebase