Unrated severityNVD Advisory· Published Nov 1, 2005· Updated Jun 16, 2026

CVE-2005-3396

Description

Buffer overflow in the chcons (chcon) command in IBM AIX 5.2 and 5.3, when DEBUG MALLOC is enabled, might allow attackers to execute arbitrary code via a long command line argument.

Affected products

IBM/Aix8 versions
cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.1l:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.2_l:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.3_l:*:*:*:*:*:*:*
- (no CPE)range: 5.2, 5.3

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/17380nvdPatchVendor Advisory
securitytracker.com/idnvdPatch
securityreason.com/securityalert/261nvd
www-1.ibm.com/support/docview.wssnvd
www-1.ibm.com/support/docview.wssnvd
www.securityfocus.com/bid/15247nvd
www.vupen.com/english/advisories/2005/2253nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5470nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000