CVE-2001-1564

Name of the Vulnerable Software and Affected Versions HP-UX versions 10.01, 10.10, 10.20, 10.24, 11.00, 11.04, 11.11

Description The issue is related to the setrlimit function in HP-UX, which does not properly enforce core file size on processes after setuid or setgid privileges are dropped. This could allow local users to cause a denial of service by exhausting available disk space.

Recommendations For HP-UX versions 10.01, 10.10, 10.20, 10.24, 11.00, 11.04, 11.11, consider restricting disk space availability to prevent exhaustion. As a temporary workaround, consider implementing strict disk quotas to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.