CVE-2005-3116 : Stack-based buffer overflow in a shared library as used by the Volume Manager da

Stack-based buffer overflow in a shared library as used by the Volume Manager daemon (vmd) in VERITAS NetBackup Enterprise Server 5.0 MP1 to MP5 and 5.1 up to MP3A allows remote attackers to execute arbitrary code via a crafted packet.

Published 2005-11-18 06:03:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Products affected by CVE-2005-3116

Symantec Veritas » Netbackup » Version: 5.0 With Mp1
cpe:2.3:a:symantec_veritas:netbackup:5.0_with_mp1:*:*:*:*:*:*:*
Matching versions
Symantec Veritas » Netbackup » Version: 5.1 With Mp3a
cpe:2.3:a:symantec_veritas:netbackup:5.1_with_mp3a:*:*:*:*:*:*:*
Matching versions
Symantec Veritas » Netbackup » Version: 5.1 Without Mp
cpe:2.3:a:symantec_veritas:netbackup:5.1_without_mp:*:*:*:*:*:*:*
Matching versions
Symantec Veritas » Netbackup » Version: 5.0 With Mp2
cpe:2.3:a:symantec_veritas:netbackup:5.0_with_mp2:*:*:*:*:*:*:*
Matching versions
Symantec Veritas » Netbackup » Version: 5.0 With Mp3
cpe:2.3:a:symantec_veritas:netbackup:5.0_with_mp3:*:*:*:*:*:*:*
Matching versions
Symantec Veritas » Netbackup » Version: 5.1 With Mp1
cpe:2.3:a:symantec_veritas:netbackup:5.1_with_mp1:*:*:*:*:*:*:*
Matching versions
Symantec Veritas » Netbackup » Version: 5.1 With Mp2
cpe:2.3:a:symantec_veritas:netbackup:5.1_with_mp2:*:*:*:*:*:*:*
Matching versions
Symantec Veritas » Netbackup » Version: 5.0 With Mp4
cpe:2.3:a:symantec_veritas:netbackup:5.0_with_mp4:*:*:*:*:*:*:*
Matching versions
Symantec Veritas » Netbackup » Version: 5.0 With Mp5
cpe:2.3:a:symantec_veritas:netbackup:5.0_with_mp5:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2005-3116

EPSS FAQ

55.11%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 98 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2005-3116

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2005-3116

http://securityresponse.symantec.com/avcenter/security/Content/2005.11.08b.html

Patch
http://www.idefense.com/application/poi/display?id=336&type=vulnerabilities

Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/22985
http://seer.support.veritas.com/docs/279553.htm

Patch;Vendor Advisory
http://secunia.com/advisories/17503

Patch;Vendor Advisory
http://www.vupen.com/english/advisories/2005/2349
http://www.securityfocus.com/archive/1/422157/100/0/threaded

Exploit;Vendor Advisory
http://www.securityfocus.com/bid/15353

Patch
http://www.kb.cert.org/vuls/id/574662

Patch;US Government Resource
http://securitytracker.com/id?1015170

Patch
http://www.securityfocus.com/archive/1/422066/100/0/threaded

Exploit;Vendor Advisory
http://www.osvdb.org/20674

Patch

Jump to

Vulnerability Details : CVE-2005-3116

Products affected by CVE-2005-3116

Exploit prediction scoring system (EPSS) score for CVE-2005-3116

CVSS scores for CVE-2005-3116

References for CVE-2005-3116