CVE-2005-1771

An attacker can exploit this vulnerability remotely against HP-UX systems that have been converted to trusted systems. The advisory indicates the attack vector likely involves remshd (the remote shell daemon) and/or the telnet -t option, though the precise mechanism is not disclosed [ref_id=1]. No authentication or special network position is described as a prerequisite; the vulnerability is reachable over the network without prior access.

The advisory does not specify exact functions or file paths. It identifies the affected filesets as InternetSrvcs.INETSVCS-RUN and OS-Core.CORE-SHLIBS (or CORE2-SHLIBS) on HP-UX trusted systems B.11.00 through B.11.23, and notes that the vulnerability may involve remshd and/or the telnet -t option [ref_id=1].

HP released patch kits for most affected versions: PHCO_29249 and PHNE_17030 for B.11.00, PHCO_33215 for B.11.11, and PHCO_32926 for B.11.23 [ref_id=1]. For B.11.22, no patch is available; the workaround is to disable remshd by commenting out its lines in /etc/inetd.conf and to remove the -t option from the telnetd line, then running "/usr/sbin/inetd -c" or rebooting [ref_id=1]. The advisory does not describe what the patches change internally.

No public exploit or PoC is included in the bundle.