HP ProLiant servers include iLO (Integrated Lights-Out), an embedded operating system that runs on a separate CPU. It provides various networking and management features for the server.
HP iLO runs an SSH server by default, and users who log in are dropped into a special isolated type of shell. There is a format string vulnerability triggered by the “show” command which allows a low-level user account to cause a denial of service on the service or potentially execute arbitrary code.
Users and administrators of the server can log in and are dropped into an isolated “hpiLO” shell. This shell is unlike a bash or sh environment; it is closer to an isolated CLI. It exposes various commands and verbs to perform operations.
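The bug class described above, sketched as an added example that is not HP's code or the advisory's: a hypothetical `show <target>` handler with the vulnerable call kept in a comment beside the fixed call, plus an allowlist check on the target name. The function names, the message text and the sample inputs are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical "show <target>" handler for a restricted CLI.
 * Not iLO code: function names and message text are assumptions. */

/* Allowlist for target names; '%' and other metacharacters are rejected. */
int target_is_valid(const char *target)
{
    size_t len = strlen(target);
    if (len == 0 || len > 128)
        return 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)target[i];
        if (!isalnum(c) && c != '/' && c != '_' && c != '-' && c != '.')
            return 0;
    }
    return 1;
}

/* Builds the reply for an unknown target.
 * Returns the reply length, or -1 if it did not fit in out.
 * Vulnerable pattern (comment only): snprintf(out, outlen, target);
 * there the user's text is the format string, so its conversion
 * specifiers are interpreted instead of echoed. */
int show_unknown_target(char *out, size_t outlen, const char *target)
{
    /* Fixed pattern: constant format string, user text passed as data. */
    int n = snprintf(out, outlen, "Invalid target: %s", target);
    if (n < 0 || (size_t)n >= outlen)
        return -1;
    return n;
}

int main(void)
{
    /* Constructed inputs: a plain target and one carrying specifiers. */
    const char *inputs[] = { "/system1/log1", "%x.%x.%s" };
    char reply[160];
    for (size_t i = 0; i < 2; i++) {
        show_unknown_target(reply, sizeof reply, inputs[i]);
        printf("valid=%d reply=\"%s\"\n", target_is_valid(inputs[i]), reply);
    }
    return 0;
}
```

Building with `-Wformat -Wformat-security` makes the compiler flag calls of the commented-out form, where a non-literal string is passed as the format argument.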