Vulnerability Database

308,379

Total vulnerabilities in the database

CVE-2005-3346

Buffer overflow in the environment variable substitution code in main.c in OSH 1.7-14 allows local users to inject arbitrary environment variables, such as LD_PRELOAD, via pathname arguments of the form "$VAR/EVAR=arg", which cause the EVAR portion to be appended to a buffer returned by a getenv function call.

Published: Nov 20, 2005
Updated: Nov 9, 2025
CVE: CVE-2005-3346
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
osh / osh	1.7.14	1.7.14.x

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338312
http://pulltheplug.org/users/core/files/x_osh3.sh
http://secunia.com/advisories/17527
http://secunia.com/advisories/17967
http://www.debian.org/security/2005/dsa-918
http://www.osvdb.org/20720
http://www.securityfocus.com/bid/15370
http://www.vupen.com/english/advisories/2005/2378
https://exchange.xforce.ibmcloud.com/vulnerabilities/23091

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo