CVE-2002-0577
Description
Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
- cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
Root cause
"The /sbin/passwd command does not recover gracefully from error conditions, allowing a local user to corrupt the password file."
Attack vector
A local attacker can exploit the poor error handling in `/sbin/passwd` without any further authentication [ref_id=1]. When specific error conditions are triggered during a password change operation, the command fails to recover gracefully and corrupts the system password file. The result is a denial of service, because the corrupted password file prevents legitimate users from authenticating. The attack complexity is low and the impact is limited to availability (partial) [ref_id=1].
Affected code
The vulnerability resides in `/sbin/passwd` on HP-UX B.11.00, B.11.11, and B.11.23. The advisory states that "the /sbin/passwd command does not recover gracefully from some error conditions," which allows a local user to corrupt the password file and cause a denial of service [ref_id=1].
What the fix does
HP released cumulative patches for each affected version: PHCO_33219 for B.11.00, PHCO_33214/PHCO_33215 for B.11.11, and PHCO_32149/PHCO_32926 for B.11.23 [ref_id=1]. The patches address the underlying error-handling flaw so that `/sbin/passwd` properly recovers from error conditions instead of leaving the password file in an inconsistent state. The advisory does not provide a code-level diff, but the resolution is to install the specified patches from the HP ITRC portal [ref_id=1].
Preconditions
- auth: Attacker must have local shell access to the HP-UX system
- auth: No special privileges required beyond local user access
Generated on Jun 17, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- archives.neohapsis.com/archives/hp/2002-q2/0023.html (nvd: Patch, Vendor Advisory)
- www.iss.net/security_center/static/8939.php (nvd: Patch, Vendor Advisory)
- www.securityfocus.com/bid/4582 (nvd: Patch, Vendor Advisory)
- www.kb.cert.org/vuls/id/977779 (nvd: US Government Resource)
- securityreason.com/securityalert/656 (nvd)
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5518 (nvd)