Tru64 is a commercially available UNIX operating system. Tru64 was originally developed by Digital and is now distributed and maintained by HP.
A buffer overflow has been discovered in a number of Tru64 binaries. Attackers may exploit this via an overly long value for the NLSPATH environment variable. Because of this flaw, a local attacker may be able to execute arbitrary instructions. As a result, the attacker may be able to execute malicious code and elevate privileges.
#!/usr/bin/perl -w
#
# based on work by stripey from back in the day
# kf_lists[at]digitalmunition[dot]com
#
# http://www.digitalmunition.com