CVE-2000-0077

CVSS 2.0 Score 7.2 of 10 (high)

Details

Published Jan 2, 2000

Updated: Nov 20, 2024

Summary

CVE-2000-0077 is a vulnerability affecting the October 1998 version of HP-UX aserver program. This issue grants local users elevated privileges by manipulating the PATH environment variable used by aserver to locate the ps and grep commands. By specifying an alternate PATH, attackers can execute these commands with root access, potentially leading to significant system compromise. This vulnerability underscores the importance of securing server configurations and carefully managing user privileges.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

HP-UX

Affected Vendors

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlTni
https://www.cve.org/CVERecord?id=CVE-2000-0077
https://nvd.nist.gov/vuln/detail/CVE-2000-0077

Back to Vulnerability Database