CVE-2005-3566

Buffer overflow in various ha commands of VERITAS Cluster Server for UNIX before 4.0MP2 allows local users to execute arbitrary code via a long VCSI18N_LANG environment variable to (1) haagent, (2) haalert, (3) haattr, (4) hacli, (5) hacli_runcmd, (6) haclus, (7) haconf, (8) hadebug, (9) hagrp, (10) hahb, (11) halog, (12) hareg, (13) hares, (14) hastatus, (15) hasys, (16) hatype, (17) hauser, and (18) tststew.

Affected Software

Name	Vendor	Start Version	End Version
Cluster_server	Symantec_veritas	2.2 (including)	2.2 (including)
Cluster_server	Symantec_veritas	2.2_linux (including)	2.2_linux (including)
Cluster_server	Symantec_veritas	2.2_linux_mp1p1 (including)	2.2_linux_mp1p1 (including)
Cluster_server	Symantec_veritas	2.2_mp1 (including)	2.2_mp1 (including)
Cluster_server	Symantec_veritas	2.2_mp2 (including)	2.2_mp2 (including)
Cluster_server	Symantec_veritas	3.5 (including)	3.5 (including)
Cluster_server	Symantec_veritas	3.5_aix (including)	3.5_aix (including)
Cluster_server	Symantec_veritas	3.5_hp-ux (including)	3.5_hp-ux (including)
Cluster_server	Symantec_veritas	3.5_hp-ux_update_1 (including)	3.5_hp-ux_update_1 (including)
Cluster_server	Symantec_veritas	3.5_hp-ux_update_2 (including)	3.5_hp-ux_update_2 (including)
Cluster_server	Symantec_veritas	3.5_mp1 (including)	3.5_mp1 (including)
Cluster_server	Symantec_veritas	3.5_mp1j (including)	3.5_mp1j (including)
Cluster_server	Symantec_veritas	3.5_mp2 (including)	3.5_mp2 (including)
Cluster_server	Symantec_veritas	3.5_p1 (including)	3.5_p1 (including)
Cluster_server	Symantec_veritas	3.5_solaris (including)	3.5_solaris (including)
Cluster_server	Symantec_veritas	3.5_solaris_beta (including)	3.5_solaris_beta (including)
Cluster_server	Symantec_veritas	3.5_solaris_mp1 (including)	3.5_solaris_mp1 (including)
Cluster_server	Symantec_veritas	3.5_solaris_mp2 (including)	3.5_solaris_mp2 (including)
Cluster_server	Symantec_veritas	3.5_solaris_mp3 (including)	3.5_solaris_mp3 (including)
Cluster_server	Symantec_veritas	4.0_aix (including)	4.0_aix (including)
Cluster_server	Symantec_veritas	4.0_aix_beta (including)	4.0_aix_beta (including)
Cluster_server	Symantec_veritas	4.0_linux (including)	4.0_linux (including)
Cluster_server	Symantec_veritas	4.0_linux_beta (including)	4.0_linux_beta (including)
Cluster_server	Symantec_veritas	4.0_solaris (including)	4.0_solaris (including)
Cluster_server	Symantec_veritas	4.0_solaris_beta (including)	4.0_solaris_beta (including)
Cluster_server	Symantec_veritas	4.0_solaris_mp1 (including)	4.0_solaris_mp1 (including)
Sanpoint_control_quickstart	Symantec_veritas	3.5_solaris (including)	3.5_solaris (including)
Storage_foundation	Symantec_veritas	1.0_aix (including)	1.0_aix (including)
Storage_foundation	Symantec_veritas	2.2_linux (including)	2.2_linux (including)
Storage_foundation	Symantec_veritas	2.2_vmware_esx (including)	2.2_vmware_esx (including)
Storage_foundation	Symantec_veritas	3.0_aix (including)	3.0_aix (including)
Storage_foundation	Symantec_veritas	3.4_aix (including)	3.4_aix (including)
Storage_foundation	Symantec_veritas	3.5_hp-ux (including)	3.5_hp-ux (including)
Storage_foundation	Symantec_veritas	3.5_solaris (including)	3.5_solaris (including)
Storage_foundation	Symantec_veritas	4.0_aix (including)	4.0_aix (including)
Storage_foundation	Symantec_veritas	4.0_linux (including)	4.0_linux (including)
Storage_foundation	Symantec_veritas	4.0_solaris (including)	4.0_solaris (including)
Storage_foundation_cluster_file_system	Symantec_veritas	4.0_aix (including)	4.0_aix (including)
Storage_foundation_cluster_file_system	Symantec_veritas	4.0_linux (including)	4.0_linux (including)
Storage_foundation_cluster_file_system	Symantec_veritas	4.0_solaris (including)	4.0_solaris (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-3566
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References