Vulnerabilities > CVE-2005-3566 - Local Buffer Overflow vulnerability in VERITAS Cluster Server for UNIX
Attack vector
LOCAL Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in various ha commands of VERITAS Cluster Server for UNIX before 4.0MP2 allows local users to execute arbitrary code via a long VCSI18N_LANG environment variable to (1) haagent, (2) haalert, (3) haattr, (4) hacli, (5) hacli_runcmd, (6) haclus, (7) haconf, (8) hadebug, (9) hagrp, (10) hahb, (11) halog, (12) hareg, (13) hares, (14) hastatus, (15) hasys, (16) hatype, (17) hauser, and (18) tststew.
Vulnerable Configurations
Exploit-Db
| description | Veritas Storage Foundation 4.0 VCSI18N_LANG Local Overflow Exploit. CVE-2005-3566. Local exploit for linux platform |
| id | EDB-ID:1316 |
| last seen | 2016-01-31 |
| modified | 2005-11-12 |
| published | 2005-11-12 |
| reporter | Kevin Finisterre |
| source | https://www.exploit-db.com/download/1316/ |
| title | Veritas Storage Foundation 4.0 VCSI18N_LANG Local Overflow Exploit |
References
- http://marc.info/?l=bugtraq&m=113199516516880&w=2
- http://osvdb.org/20673
- http://secunia.com/advisories/17502
- http://securityreason.com/securityalert/174
- http://securityresponse.symantec.com/avcenter/security/Content/2005.11.08a.html
- http://securitytracker.com/id?1015169
- http://www.securityfocus.com/bid/15349
- http://www.vupen.com/english/advisories/2005/2350
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22986