CVE-2000-0147 in OpenServer
Summary
by MITRE
snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration.
Analysis
by VulDB Data Team • 04/20/2026
The vulnerability identified as CVE-2000-0147 represents a critical security flaw in the SNMP daemon implementation of SCO OpenServer operating systems. This issue stems from the default configuration where the SNMP community string, which serves as a basic form of authentication for network management operations, can be modified by local users with minimal privileges. The flaw exists within the network services framework of the operating system and directly impacts the security posture of systems running SCO OpenServer versions that include the affected snmpd service. The community string acts as a password for SNMP operations, and when writable by local users, it creates an avenue for unauthorized configuration changes that could compromise the entire system's network management capabilities.
This vulnerability maps directly to CWE-798, which addresses the use of hard-coded credentials or default credentials in software implementations, and specifically relates to CWE-269, which covers improper privileges for system resources. The technical implementation flaw occurs at the service configuration level where the snmpd daemon does not properly enforce access controls for its community string configuration parameters. Local attackers can exploit this by simply executing commands that modify the SNMP configuration files or through direct manipulation of the running service configuration, bypassing the intended security mechanisms that should restrict such modifications to authorized administrators only.
The operational impact of this vulnerability extends beyond simple configuration changes, as it provides attackers with potential access to critical network management functions. When local users can modify the SNMP community string, they gain the ability to perform various network management operations including reading system information, modifying network parameters, and potentially gaining further access to other system resources. This vulnerability aligns with ATT&CK technique T1059, which covers command and scripting interpreter, as attackers could use the modified SNMP configuration to execute commands or establish persistent access. The compromise of SNMP configuration also enables attackers to manipulate network monitoring capabilities, potentially hiding their activities from legitimate network management tools and creating a persistent threat vector.
Mitigation strategies for CVE-2000-0147 should focus on immediate configuration hardening and access control enforcement. System administrators must immediately change the default SNMP community strings to strong, unique values and ensure that only authorized personnel have write access to the SNMP configuration files and services. The implementation should follow security best practices including the use of SNMPv3 with strong authentication and encryption mechanisms rather than relying on the vulnerable SNMPv1 or SNMPv2c protocols. Additionally, implementing proper file system permissions and access controls around SNMP configuration files, combined with regular security audits and monitoring of configuration changes, would significantly reduce the risk of exploitation. Organizations should also consider implementing network segmentation and firewall rules to limit SNMP access to trusted management stations only, thereby reducing the attack surface for this and similar vulnerabilities.
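A defender-side audit of the file-permission and community-string checks described above, as an added example that is not part of the original advisory or of any vendor tooling. It reports whether an SNMP configuration file can be rewritten by non-administrators and whether any community entry grants write access under a default name or to any manager address. The three-field entry layout, the sample contents and the function names are assumptions made for illustration.

```python
import os
import stat
import tempfile

# Constructed sample; the three-field layout (community, manager address,
# access) is an assumption for illustration, not taken from the advisory.
SAMPLE = """\
# community  address      access
public       0.0.0.0      read
private      0.0.0.0      write
netops-7f3a  192.0.2.10   write
"""

DEFAULT_NAMES = {"public", "private"}


def audit_permissions(path, expected_uid=0):
    """Flag a config file that non-administrators could rewrite."""
    st = os.stat(path)
    findings = []
    if st.st_uid != expected_uid:
        findings.append(f"owner uid {st.st_uid}, expected {expected_uid}")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append(f"mode {stat.S_IMODE(st.st_mode):04o} is group/world-writable")
    return findings


def audit_communities(text):
    """Flag write-enabled entries that use a default name or accept any manager."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()
        if len(fields) != 3:
            continue  # blank, comment or malformed line
        name, address, access = fields
        if access.lower() != "write":
            continue
        if name.lower() in DEFAULT_NAMES:
            findings.append((lineno, name, "write access on a default community name"))
        if address == "0.0.0.0":
            findings.append((lineno, name, "write access from any address"))
    return findings


if __name__ == "__main__":
    with tempfile.NamedTemporaryFile("w", suffix=".comm", delete=False) as fh:
        fh.write(SAMPLE)
    os.chmod(fh.name, 0o666)  # reproduce the weak state for the demo
    for finding in audit_permissions(fh.name) + audit_communities(SAMPLE):
        print(finding)
    os.unlink(fh.name)
```

Run it against a copy of the real configuration file with `expected_uid` left at 0; an empty result from both functions means neither condition was found.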