HP-UX Shutdown Buffer Overflow Vulnerability

info
discussion
exploit
solution
references

HP-UX Shutdown Buffer Overflow Vulnerability

A vulnerability exists in the 'shutdown' program, as included with versions 10 and 11 of HP-UX, and HP-UX VirtualVault (VVOS), from Hewlett Packard. The exact nature of this vulnerability was not made available. From the wording of the advisory, it appears to be a buffer overflow.