HP-UX 11.11 strlimit() Kernel Panic Vulnerability

info
discussion
exploit
solution
references

HP-UX 11.11 strlimit() Kernel Panic Vulnerability

Some versions of HP-UX contain a vulnerability in their implementation of the setrlimit() function call, used to limit the consumption of various system resources for a given process.

It has been reported that under HP-UX 11.11, setrlimit may cause unexpected kernel panics. It may be possible to exploit this vulnerability locally and cause a denial of service condition.