Buffer Overflow Vulnerability in VERITAS Cluster Server for UNIX
CVE-2005-3566

Currently unrated

Key Information:

Vendor: Symantec Veritas
Status: Storage Foundation Cluster File System; Cluster Server; Storage Foundation; Sanpoint Control Quickstart
Vendor: CVE Published:; 16 November 2005

Summary

A buffer overflow vulnerability exists in multiple commands of VERITAS Cluster Server for UNIX. Local users can exploit this issue by setting the 'VCSI18N_LANG' environment variable to a long value, which can lead to arbitrary code execution through various affected components, including haagent, haclus, and others. This vulnerability underscores the importance of careful management of environment variables and robust input validation within the software.

References

http://www.vupen.com/english/advisories/2005/2350

vdb-entryx_refsource_VUPEN

http://securitytracker.com/id?1015169

vdb-entryx_refsource_SECTRACK

https://exchange.xforce.ibmcloud.com/vulnerabilities/22986

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Nov 16, 2005
Vulnerability Reserved
Nov 16, 2005