Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3566

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-3566
Last Modified 07 Mar 2011 09:26:47
Published 16 Nov 2005 02:42:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2005-3566

Summary

Buffer overflow in various ha commands of VERITAS Cluster Server for UNIX before 4.0MP2 allows local users to execute arbitrary code via a long VCSI18N_LANG environment variable to (1) haagent, (2) haalert, (3) haattr, (4) hacli, (5) hacli_runcmd, (6) haclus, (7) haconf, (8) hadebug, (9) hagrp, (10) hahb, (11) halog, (12) hareg, (13) hares, (14) hastatus, (15) hasys, (16) hatype, (17) hauser, and (18) tststew.

Vulnerable Systems

Application

  • Symantec Veritas Cluster Server 2.2

  • Symantec Veritas Cluster Server 2.2 Linux

  • Symantec Veritas Cluster Server 2.2 Linux Mp1p1

  • Symantec Veritas Cluster Server 2.2 Mp1

  • Symantec Veritas Cluster Server 2.2 Mp2

  • Symantec Veritas Cluster Server 3.5

  • Symantec Veritas Cluster Server 3.5 Aix

  • Symantec Veritas Cluster Server 3.5 Hp-ux

  • Symantec Veritas Cluster Server 3.5 Hp-ux Update 1

  • Symantec Veritas Cluster Server 3.5 Hp-ux Update 2

  • Symantec Veritas Cluster Server 3.5 Mp1

  • Symantec Veritas Cluster Server 3.5 Mp1j

  • Symantec Veritas Cluster Server 3.5 Mp2

  • Symantec Veritas Cluster Server 3.5 P1

  • Symantec Veritas Cluster Server 3.5 Solaris

  • Symantec Veritas Cluster Server 3.5 Solaris Beta

  • Symantec Veritas Cluster Server 3.5 Solaris Mp1

  • Symantec Veritas Cluster Server 3.5 Solaris Mp2

  • Symantec Veritas Cluster Server 3.5 Solaris Mp3

  • Symantec Veritas Cluster Server 4.0 Aix

  • Symantec Veritas Cluster Server 4.0 Aix Beta

  • Symantec Veritas Cluster Server 4.0 Linux

  • Symantec Veritas Cluster Server 4.0 Linux Beta

  • Symantec Veritas Cluster Server 4.0 Solaris

  • Symantec Veritas Cluster Server 4.0 Solaris Beta

  • Symantec Veritas Cluster Server 4.0 Solaris Mp1

  • Symantec Veritas Sanpoint Control Quickstart 3.5 Solaris

  • Symantec Veritas Storage Foundation 1.0 Aix

  • Symantec Veritas Storage Foundation 2.2 Linux

  • Symantec Veritas Storage Foundation 2.2 Vmware Esx

  • Symantec Veritas Storage Foundation 3.0 Aix

  • Symantec Veritas Storage Foundation 3.4 Aix

  • Symantec Veritas Storage Foundation 3.5 Hp-ux

  • Symantec Veritas Storage Foundation 3.5 Solaris

  • Symantec Veritas Storage Foundation 4.0 Aix

  • Symantec Veritas Storage Foundation 4.0 Linux

  • Symantec Veritas Storage Foundation 4.0 Solaris

  • Symantec Veritas Storage Foundation Cluster File System 4.0 Aix

  • Symantec Veritas Storage Foundation Cluster File System 4.0 Linux

  • Symantec Veritas Storage Foundation Cluster File System 4.0 Solaris


References

SECTRACK - 1015169

CONFIRM - http://securityresponse.symantec.com/avcenter/security/Content/2005.11.08a.html

SECUNIA - 17502

XF - veritas-ha-bo(22986)

VUPEN - ADV-2005-2350

BID - 15349

OSVDB - 20673

BUGTRAQ - 20051112 DMA[2005-1112a] - 'Veritas Storage Foundation VCSI18N_LANG buffer overflow'

SREASON - 174


Last Updated: 27 May 2016 10:40:58