Hewlett Packard Information for VU#569272
System V derived login contains a remotely exploitable buffer overflow
- Vendor Information Help Date Notified: 24 Oct 2001
- Statement Date:
- Date Updated: 19 Dec 2001
HP-UX is NOT Exploitable. It is NOT a security issue with HP-UX. HP-UX does have a benign buffer overflow which is the only reason HP-UX is listed as "effected" above. In any case, the buffer overflow has been fixed by HP.
The vendor has not provided us with any further information regarding this vulnerability.
We have confirmed with Hewlett-Packard that the flaw is present. Hewlett-Packard has indicated that they were unable to develop an exploit for this flaw, however, we do not believe that this is sufficient evidence to conclude that HP systems are not vulnerable.
If you have feedback, comments, or additional information about this vulnerability, please send us email.