CVE-2005-3566

Buffer overflow in various ha commands of VERITAS Cluster Server for UNIX before 4.0MP2 allows local users to execute arbitrary code via a long VCSI18N_LANG environment variable to (1) haagent, (2) haalert, (3) haattr, (4) hacli, (5) hacli_runcmd, (6) haclus, (7) haconf, (8) hadebug, (9) hagrp, (10) hahb, (11) halog, (12) hareg, (13) hares, (14) hastatus, (15) hasys, (16) hatype, (17) hauser, and (18) tststew.

Published: Nov 16, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-3566
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:L/AC:L/Au:S/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
symantec_veritas / storage_foundation_cluster_file_system	4.0_linux	4.0_linux.x
symantec_veritas / cluster_server	3.5_solaris_mp3	3.5_solaris_mp3.x
symantec_veritas / cluster_server	4.0_solaris_mp1	4.0_solaris_mp1.x
symantec_veritas / storage_foundation	3.4_aix	3.4_aix.x
symantec_veritas / cluster_server	2.2_linux	2.2_linux.x
symantec_veritas / cluster_server	2.2_mp1	2.2_mp1.x
symantec_veritas / cluster_server	3.5_mp2	3.5_mp2.x
symantec_veritas / storage_foundation	3.5_solaris	3.5_solaris.x
symantec_veritas / storage_foundation	2.2_linux	2.2_linux.x
symantec_veritas / cluster_server	4.0_linux_beta	4.0_linux_beta.x
symantec_veritas / storage_foundation	4.0_linux	4.0_linux.x
symantec_veritas / storage_foundation_cluster_file_system	4.0_solaris	4.0_solaris.x
symantec_veritas / cluster_server	4.0_solaris	4.0_solaris.x
symantec_veritas / cluster_server	4.0_solaris_beta	4.0_solaris_beta.x
symantec_veritas / storage_foundation	3.5_hp-ux	3.5_hp-ux.x
symantec_veritas / cluster_server	3.5_hp-ux	3.5_hp-ux.x
symantec_veritas / storage_foundation	3.0_aix	3.0_aix.x
symantec_veritas / cluster_server	3.5_aix	3.5_aix.x
symantec_veritas / storage_foundation	4.0_solaris	4.0_solaris.x
symantec_veritas / storage_foundation_cluster_file_system	4.0_aix	4.0_aix.x
symantec_veritas / cluster_server	3.5	3.5.x
symantec_veritas / sanpoint_control_quickstart	3.5_solaris	3.5_solaris.x
symantec_veritas / cluster_server	3.5_mp1	3.5_mp1.x
symantec_veritas / cluster_server	2.2_mp2	2.2_mp2.x
symantec_veritas / cluster_server	3.5_solaris_mp1	3.5_solaris_mp1.x
symantec_veritas / cluster_server	3.5_solaris	3.5_solaris.x
symantec_veritas / cluster_server	3.5_solaris_beta	3.5_solaris_beta.x
symantec_veritas / cluster_server	3.5_mp1j	3.5_mp1j.x
symantec_veritas / cluster_server	4.0_aix_beta	4.0_aix_beta.x
symantec_veritas / cluster_server	3.5_p1	3.5_p1.x
symantec_veritas / cluster_server	3.5_hp-ux_update_1	3.5_hp-ux_update_1.x
symantec_veritas / cluster_server	3.5_hp-ux_update_2	3.5_hp-ux_update_2.x
symantec_veritas / cluster_server	2.2_linux_mp1p1	2.2_linux_mp1p1.x
symantec_veritas / storage_foundation	1.0_aix	1.0_aix.x
symantec_veritas / storage_foundation	4.0_aix	4.0_aix.x
symantec_veritas / cluster_server	4.0_linux	4.0_linux.x
symantec_veritas / cluster_server	4.0_aix	4.0_aix.x
symantec_veritas / cluster_server	3.5_solaris_mp2	3.5_solaris_mp2.x
symantec_veritas / cluster_server	2.2	2.2.x
symantec_veritas / storage_foundation	2.2_vmware_esx	2.2_vmware_esx.x

Vulnerability Database

289,697

CVE-2005-3566