CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2020-36166
https://notcve.org/view.php?id=CVE-2020-36166
An issue was discovered in Veritas InfoScale 7.x through 7.4.2 on Windows, Storage Foundation through 6.1 on Windows, Storage Foundation HA through 6.1 on Windows, and InfoScale Operations Manager (aka VIOM) Windows Management Server 7.x through 7.4.2. On start-up, it loads the OpenSSL library from \usr\local\ssl. This library attempts to load the \usr\local\ssl\openssl.cnf configuration file, which may not exist. On Windows systems, this path could translate to <drive>:\usr\local\ssl\openssl.cnf, where <drive> could be the default Windows installation drive such as C:\ or the drive where a Veritas product is installed. By default, on Windows systems, users can create directories under any top-level directory. • https://www.veritas.com/content/support/en_US/security/VTS20-014 •
CVSS: 4.3EPSS: 0%CPEs: 40EXPL: 2CVE-2005-3566 – Veritas Storage Foundation 4.0 - VCSI18N_LANG Local Overflow
https://notcve.org/view.php?id=CVE-2005-3566
Buffer overflow in various ha commands of VERITAS Cluster Server for UNIX before 4.0MP2 allows local users to execute arbitrary code via a long VCSI18N_LANG environment variable to (1) haagent, (2) haalert, (3) haattr, (4) hacli, (5) hacli_runcmd, (6) haclus, (7) haconf, (8) hadebug, (9) hagrp, (10) hahb, (11) halog, (12) hareg, (13) hares, (14) hastatus, (15) hasys, (16) hatype, (17) hauser, and (18) tststew. • https://www.exploit-db.com/exploits/1316 http://marc.info/?l=bugtraq&m=113199516516880&w=2 http://osvdb.org/20673 http://secunia.com/advisories/17502 http://securityreason.com/securityalert/174 http://securityresponse.symantec.com/avcenter/security/Content/2005.11.08a.html http://securitytracker.com/id?1015169 http://www.securityfocus.com/bid/15349 http://www.vupen.com/english/advisories/2005/2350 https://exchange.xforce.ibmcloud.com/vulnerabilities/22986 •