CVE-2005-3566

Exp

Buffer overflow in various ha commands of VERITAS Cluster Server for UNIX before 4.0MP2 allows local users to execute arbitrary code via a long VCSI18N_LANG environment variable to (1) haagent, (2) haalert, (3) haattr, (4) hacli, (5) hacli_runcmd, (6) haclus, (7) haconf, (8) hadebug, (9) hagrp, (10) hahb, (11) halog, (12) hareg, (13) hares, (14) hastatus, (15) hasys, (16) hatype, (17) hauser, and (18) tststew.

Published: 2005-11-16 Last update: 2026-06-16 Assigner: [email protected] Source: [email protected]

Conclusion & alert: CVE-2005-3566 is rated Exploit Available (55.8/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 1.23%). Core evidence: 2 public exploit reference(s) are indexed (Exploit-DB). Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references (Exploit-DB) for CVE-2005-3566

EDB-ID Source Kind Published Link
1316 exploit_db edb 2005-11-12 Exploit-DB ↗
nvd_ref exploit_tag Exploit-DB ↗

Exploit prediction scoring system (EPSS) score for CVE-2005-3566

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 0.34% 1.23% +0.90%
2 2025-03-30 0.41% 0.34% -0.08%
3 2025-03-29 0.41%

Full EPSS history (6 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2005-3566

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
4.3 2.0 MEDIUM
AV:L/AC:L/Au:S/C:P/I:P/A:P Click to expand
Access vector (AV:L)
Requires local access to the target system.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:S)
A single authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:P)
Partial availability impact.
3.1 6.4 [email protected]

Weakness enumeration for CVE-2005-3566

Affected software / configurations for CVE-2005-3566

Vendor Product Version Raw CPE
symantec_veritas cluster_server 2.2 cpe:2.3:a:symantec_veritas:cluster_server:2.2:*:*:*:*:*:*:*
symantec_veritas cluster_server 2.2_linux cpe:2.3:a:symantec_veritas:cluster_server:2.2_linux:*:*:*:*:*:*:*
symantec_veritas cluster_server 2.2_linux_mp1p1 cpe:2.3:a:symantec_veritas:cluster_server:2.2_linux_mp1p1:*:*:*:*:*:*:*
symantec_veritas cluster_server 2.2_mp1 cpe:2.3:a:symantec_veritas:cluster_server:2.2_mp1:*:*:*:*:*:*:*
symantec_veritas cluster_server 2.2_mp2 cpe:2.3:a:symantec_veritas:cluster_server:2.2_mp2:*:*:*:*:*:*:*
symantec_veritas cluster_server 3.5 cpe:2.3:a:symantec_veritas:cluster_server:3.5:*:*:*:*:*:*:*
symantec_veritas cluster_server 3.5_aix cpe:2.3:a:symantec_veritas:cluster_server:3.5_aix:*:*:*:*:*:*:*
symantec_veritas cluster_server 3.5_hp-ux cpe:2.3:a:symantec_veritas:cluster_server:3.5_hp-ux:*:*:*:*:*:*:*
symantec_veritas cluster_server 3.5_hp-ux_update_1 cpe:2.3:a:symantec_veritas:cluster_server:3.5_hp-ux_update_1:*:*:*:*:*:*:*
symantec_veritas cluster_server 3.5_hp-ux_update_2 cpe:2.3:a:symantec_veritas:cluster_server:3.5_hp-ux_update_2:*:*:*:*:*:*:*
symantec_veritas cluster_server 3.5_mp1 cpe:2.3:a:symantec_veritas:cluster_server:3.5_mp1:*:*:*:*:*:*:*
symantec_veritas cluster_server 3.5_mp1j cpe:2.3:a:symantec_veritas:cluster_server:3.5_mp1j:*:*:*:*:*:*:*
symantec_veritas cluster_server 3.5_mp2 cpe:2.3:a:symantec_veritas:cluster_server:3.5_mp2:*:*:*:*:*:*:*
symantec_veritas cluster_server 3.5_p1 cpe:2.3:a:symantec_veritas:cluster_server:3.5_p1:*:*:*:*:*:*:*
symantec_veritas cluster_server 3.5_solaris cpe:2.3:a:symantec_veritas:cluster_server:3.5_solaris:*:*:*:*:*:*:*
symantec_veritas cluster_server 3.5_solaris_beta cpe:2.3:a:symantec_veritas:cluster_server:3.5_solaris_beta:*:*:*:*:*:*:*
symantec_veritas cluster_server 3.5_solaris_mp1 cpe:2.3:a:symantec_veritas:cluster_server:3.5_solaris_mp1:*:*:*:*:*:*:*
symantec_veritas cluster_server 3.5_solaris_mp2 cpe:2.3:a:symantec_veritas:cluster_server:3.5_solaris_mp2:*:*:*:*:*:*:*
symantec_veritas cluster_server 3.5_solaris_mp3 cpe:2.3:a:symantec_veritas:cluster_server:3.5_solaris_mp3:*:*:*:*:*:*:*
symantec_veritas cluster_server 4.0_aix cpe:2.3:a:symantec_veritas:cluster_server:4.0_aix:*:*:*:*:*:*:*
symantec_veritas cluster_server 4.0_aix_beta cpe:2.3:a:symantec_veritas:cluster_server:4.0_aix_beta:*:*:*:*:*:*:*
symantec_veritas cluster_server 4.0_linux cpe:2.3:a:symantec_veritas:cluster_server:4.0_linux:*:*:*:*:*:*:*
symantec_veritas cluster_server 4.0_linux_beta cpe:2.3:a:symantec_veritas:cluster_server:4.0_linux_beta:*:*:*:*:*:*:*
symantec_veritas cluster_server 4.0_solaris cpe:2.3:a:symantec_veritas:cluster_server:4.0_solaris:*:*:*:*:*:*:*
symantec_veritas cluster_server 4.0_solaris_beta cpe:2.3:a:symantec_veritas:cluster_server:4.0_solaris_beta:*:*:*:*:*:*:*
symantec_veritas cluster_server 4.0_solaris_mp1 cpe:2.3:a:symantec_veritas:cluster_server:4.0_solaris_mp1:*:*:*:*:*:*:*
symantec_veritas sanpoint_control_quickstart 3.5_solaris cpe:2.3:a:symantec_veritas:sanpoint_control_quickstart:3.5_solaris:*:*:*:*:*:*:*
symantec_veritas storage_foundation 1.0_aix cpe:2.3:a:symantec_veritas:storage_foundation:1.0_aix:*:*:*:*:*:*:*
symantec_veritas storage_foundation 2.2_linux cpe:2.3:a:symantec_veritas:storage_foundation:2.2_linux:*:*:*:*:*:*:*
symantec_veritas storage_foundation 2.2_vmware_esx cpe:2.3:a:symantec_veritas:storage_foundation:2.2_vmware_esx:*:*:*:*:*:*:*
symantec_veritas storage_foundation 3.0_aix cpe:2.3:a:symantec_veritas:storage_foundation:3.0_aix:*:*:*:*:*:*:*
symantec_veritas storage_foundation 3.4_aix cpe:2.3:a:symantec_veritas:storage_foundation:3.4_aix:*:*:*:*:*:*:*
symantec_veritas storage_foundation 3.5_hp-ux cpe:2.3:a:symantec_veritas:storage_foundation:3.5_hp-ux:*:*:*:*:*:*:*
symantec_veritas storage_foundation 3.5_solaris cpe:2.3:a:symantec_veritas:storage_foundation:3.5_solaris:*:*:*:*:*:*:*
symantec_veritas storage_foundation 4.0_aix cpe:2.3:a:symantec_veritas:storage_foundation:4.0_aix:*:*:*:*:*:*:*
symantec_veritas storage_foundation 4.0_linux cpe:2.3:a:symantec_veritas:storage_foundation:4.0_linux:*:*:*:*:*:*:*
symantec_veritas storage_foundation 4.0_solaris cpe:2.3:a:symantec_veritas:storage_foundation:4.0_solaris:*:*:*:*:*:*:*
symantec_veritas storage_foundation_cluster_file_system 4.0_aix cpe:2.3:a:symantec_veritas:storage_foundation_cluster_file_system:4.0_aix:*:*:*:*:*:*:*
symantec_veritas storage_foundation_cluster_file_system 4.0_linux cpe:2.3:a:symantec_veritas:storage_foundation_cluster_file_system:4.0_linux:*:*:*:*:*:*:*
symantec_veritas storage_foundation_cluster_file_system 4.0_solaris cpe:2.3:a:symantec_veritas:storage_foundation_cluster_file_system:4.0_solaris:*:*:*:*:*:*:*

References for CVE-2005-3566

cvelogic Threat Intelligence