Lucene search

[email protected]CVE-2005-3396

HistoryNov 01, 2005 - 12:47 p.m.

CVE-2005-3396

2005-11-0112:47:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-3396

buffer overflow

ibm aix

debug malloc

arbitrary code execution

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.02 Low

EPSS

Percentile

88.8%

JSON

Buffer overflow in the chcons (chcon) command in IBM AIX 5.2 and 5.3, when DEBUG MALLOC is enabled, might allow attackers to execute arbitrary code via a long command line argument.

CPENameOperatorVersion
ibm:aixibm aixeq5.3_l
ibm:aixibm aixeq5.3
ibm:aixibm aixeq5.2
ibm:aixibm aixeq5.2_l
ibm:aixibm aixeq5.2.2
ibm:aixibm aixeq5.1l
ibm:aixibm aixeq5.1

CPE	Name	Operator	Version
ibm:aix	ibm aix	eq	5.3_l
ibm:aix	ibm aix	eq	5.3
ibm:aix	ibm aix	eq	5.2
ibm:aix	ibm aix	eq	5.2_l
ibm:aix	ibm aix	eq	5.2.2
ibm:aix	ibm aix	eq	5.1l
ibm:aix	ibm aix	eq	5.1

References

secunia.com/advisories/17380

securityreason.com/securityalert/261

securitytracker.com/id?1015122

www-1.ibm.com/support/docview.wss?uid=isg1IY78241

www-1.ibm.com/support/docview.wss?uid=isg1IY78253

www.securityfocus.com/bid/15247

www.vupen.com/english/advisories/2005/2253

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5470

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.02 Low

EPSS

Percentile

88.8%

JSON

Related for CVE-2005-3396

cvelist1 nessus2