Search criteria
5 vulnerabilities by linux-ha
CVE-2015-1198 (GCVE-0-2015-1198)
Vulnerability from cvelistv5 – Published: 2017-08-28 15:00 – Updated: 2024-08-06 04:33
VLAI?
Summary
Multiple directory traversal vulnerabilities in ha 0.999p+dfsg-5.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:33:20.731Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20150118 Re: CVE Request: ha -- directory traversals",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/18/8"
},
{
"name": "72103",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72103"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in ha 0.999p+dfsg-5."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20150118 Re: CVE Request: ha -- directory traversals",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/18/8"
},
{
"name": "72103",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72103"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1198",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in ha 0.999p+dfsg-5."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150118 Re: CVE Request: ha -- directory traversals",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/18/8"
},
{
"name": "72103",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72103"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1198",
"datePublished": "2017-08-28T15:00:00",
"dateReserved": "2015-01-18T00:00:00",
"dateUpdated": "2024-08-06T04:33:20.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3389 (GCVE-0-2010-3389)
Vulnerability from cvelistv5 – Published: 2010-10-20 17:00 – Updated: 2024-08-07 03:11
VLAI?
Summary
The (1) SAPDatabase and (2) SAPInstance scripts in OCF Resource Agents (aka resource-agents or cluster-agents) 1.0.3 in Linux-HA place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:11:43.424Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639044"
},
{
"name": "ADV-2011-0416",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0416"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598549"
},
{
"name": "RHSA-2011:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0264.html"
},
{
"name": "RHSA-2011:1000",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1000.html"
},
{
"name": "43372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43372"
},
{
"name": "RHSA-2011:1580",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1580.html"
},
{
"name": "GLSA-201110-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201110-18.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-09-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The (1) SAPDatabase and (2) SAPInstance scripts in OCF Resource Agents (aka resource-agents or cluster-agents) 1.0.3 in Linux-HA place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-02-23T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639044"
},
{
"name": "ADV-2011-0416",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0416"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598549"
},
{
"name": "RHSA-2011:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0264.html"
},
{
"name": "RHSA-2011:1000",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1000.html"
},
{
"name": "43372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43372"
},
{
"name": "RHSA-2011:1580",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1580.html"
},
{
"name": "GLSA-201110-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201110-18.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3389",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) SAPDatabase and (2) SAPInstance scripts in OCF Resource Agents (aka resource-agents or cluster-agents) 1.0.3 in Linux-HA place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=639044",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639044"
},
{
"name": "ADV-2011-0416",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0416"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598549",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598549"
},
{
"name": "RHSA-2011:0264",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0264.html"
},
{
"name": "RHSA-2011:1000",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1000.html"
},
{
"name": "43372",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43372"
},
{
"name": "RHSA-2011:1580",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1580.html"
},
{
"name": "GLSA-201110-18",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201110-18.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3389",
"datePublished": "2010-10-20T17:00:00",
"dateReserved": "2010-09-15T00:00:00",
"dateUpdated": "2024-08-07T03:11:43.424Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4205 (GCVE-0-2007-4205)
Vulnerability from cvelistv5 – Published: 2007-08-08 01:52 – Updated: 2024-08-07 14:46
VLAI?
Summary
XHA (Linux-HA) on the BlueCat Networks Adonis DNS/DHCP Appliance 5.0.2.8 allows remote attackers to cause a denial of service (heartbeat control process crash) via a UDP packet to port 694. NOTE: this may be the same as CVE-2006-3121.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:46:39.365Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1018505",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018505"
},
{
"name": "ADV-2007-2767",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2767"
},
{
"name": "39396",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/39396"
},
{
"name": "26265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26265"
},
{
"name": "2978",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2978"
},
{
"name": "20070803 Re: TS-2007-001-0: BlueCat Networks Adonis Linux-HA heartbeat DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/475455/100/0/threaded"
},
{
"name": "20070729 TS-2007-001-0: BlueCat Networks Adonis Linux-HA heartbeat DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/475065/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "XHA (Linux-HA) on the BlueCat Networks Adonis DNS/DHCP Appliance 5.0.2.8 allows remote attackers to cause a denial of service (heartbeat control process crash) via a UDP packet to port 694. NOTE: this may be the same as CVE-2006-3121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1018505",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018505"
},
{
"name": "ADV-2007-2767",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2767"
},
{
"name": "39396",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/39396"
},
{
"name": "26265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26265"
},
{
"name": "2978",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2978"
},
{
"name": "20070803 Re: TS-2007-001-0: BlueCat Networks Adonis Linux-HA heartbeat DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/475455/100/0/threaded"
},
{
"name": "20070729 TS-2007-001-0: BlueCat Networks Adonis Linux-HA heartbeat DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/475065/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4205",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XHA (Linux-HA) on the BlueCat Networks Adonis DNS/DHCP Appliance 5.0.2.8 allows remote attackers to cause a denial of service (heartbeat control process crash) via a UDP packet to port 694. NOTE: this may be the same as CVE-2006-3121."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1018505",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018505"
},
{
"name": "ADV-2007-2767",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2767"
},
{
"name": "39396",
"refsource": "OSVDB",
"url": "http://osvdb.org/39396"
},
{
"name": "26265",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26265"
},
{
"name": "2978",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2978"
},
{
"name": "20070803 Re: TS-2007-001-0: BlueCat Networks Adonis Linux-HA heartbeat DoS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475455/100/0/threaded"
},
{
"name": "20070729 TS-2007-001-0: BlueCat Networks Adonis Linux-HA heartbeat DoS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475065/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4205",
"datePublished": "2007-08-08T01:52:00",
"dateReserved": "2007-08-07T00:00:00",
"dateUpdated": "2024-08-07T14:46:39.365Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3815 (GCVE-0-2006-3815)
Vulnerability from cvelistv5 – Published: 2006-07-24 22:00 – Updated: 2024-08-07 18:48
VLAI?
Summary
heartbeat.c in heartbeat before 2.0.6 sets insecure permissions in a shmget call for shared memory, which allows local users to cause an unspecified denial of service via unknown vectors, possibly during a short time window on startup.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.154Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21231"
},
{
"name": "ADV-2006-2994",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2994"
},
{
"name": "GLSA-200608-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200608-23.xml"
},
{
"name": "21629",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21629"
},
{
"name": "DSA-1128",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1128"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mail-archive.com/linux-ha-cvs%40lists.linux-ha.org/msg00753.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.linux-ha.org/_cache/SecurityIssues__sec03.txt"
},
{
"name": "MDKSA-2006:142",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:142"
},
{
"name": "1016602",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016602"
},
{
"name": "21162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21162"
},
{
"name": "19186",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19186"
},
{
"name": "USN-326-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-326-1"
},
{
"name": "21240",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21240"
},
{
"name": "21521",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21521"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvs.linux-ha.org/viewcvs/viewcvs.cgi/linux-ha/heartbeat/heartbeat.c?r1=1.513\u0026r2=1.514"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "heartbeat.c in heartbeat before 2.0.6 sets insecure permissions in a shmget call for shared memory, which allows local users to cause an unspecified denial of service via unknown vectors, possibly during a short time window on startup."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-07-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21231"
},
{
"name": "ADV-2006-2994",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2994"
},
{
"name": "GLSA-200608-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200608-23.xml"
},
{
"name": "21629",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21629"
},
{
"name": "DSA-1128",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1128"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mail-archive.com/linux-ha-cvs%40lists.linux-ha.org/msg00753.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.linux-ha.org/_cache/SecurityIssues__sec03.txt"
},
{
"name": "MDKSA-2006:142",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:142"
},
{
"name": "1016602",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016602"
},
{
"name": "21162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21162"
},
{
"name": "19186",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19186"
},
{
"name": "USN-326-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-326-1"
},
{
"name": "21240",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21240"
},
{
"name": "21521",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21521"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvs.linux-ha.org/viewcvs/viewcvs.cgi/linux-ha/heartbeat/heartbeat.c?r1=1.513\u0026r2=1.514"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3815",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "heartbeat.c in heartbeat before 2.0.6 sets insecure permissions in a shmget call for shared memory, which allows local users to cause an unspecified denial of service via unknown vectors, possibly during a short time window on startup."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21231",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21231"
},
{
"name": "ADV-2006-2994",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2994"
},
{
"name": "GLSA-200608-23",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200608-23.xml"
},
{
"name": "21629",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21629"
},
{
"name": "DSA-1128",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1128"
},
{
"name": "http://www.mail-archive.com/linux-ha-cvs%40lists.linux-ha.org/msg00753.html",
"refsource": "CONFIRM",
"url": "http://www.mail-archive.com/linux-ha-cvs%40lists.linux-ha.org/msg00753.html"
},
{
"name": "http://www.linux-ha.org/_cache/SecurityIssues__sec03.txt",
"refsource": "CONFIRM",
"url": "http://www.linux-ha.org/_cache/SecurityIssues__sec03.txt"
},
{
"name": "MDKSA-2006:142",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:142"
},
{
"name": "1016602",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016602"
},
{
"name": "21162",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21162"
},
{
"name": "19186",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19186"
},
{
"name": "USN-326-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-326-1"
},
{
"name": "21240",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21240"
},
{
"name": "21521",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21521"
},
{
"name": "http://cvs.linux-ha.org/viewcvs/viewcvs.cgi/linux-ha/heartbeat/heartbeat.c?r1=1.513\u0026r2=1.514",
"refsource": "CONFIRM",
"url": "http://cvs.linux-ha.org/viewcvs/viewcvs.cgi/linux-ha/heartbeat/heartbeat.c?r1=1.513\u0026r2=1.514"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3815",
"datePublished": "2006-07-24T22:00:00",
"dateReserved": "2006-07-24T00:00:00",
"dateUpdated": "2024-08-07T18:48:39.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1215 (GCVE-0-2002-1215)
Vulnerability from cvelistv5 – Published: 2002-10-21 04:00 – Updated: 2024-08-08 03:19
VLAI?
Summary
Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute arbitrary code via certain packets to UDP port 694 (incorrectly claimed as TCP in some sources).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.069Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CLA-2002:540",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000540"
},
{
"name": "SuSE-SA:2002:037",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2002_037_heartbeat.html"
},
{
"name": "DSA-174",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-174"
},
{
"name": "linuxha-heartbeat-bo(10357)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10357.php"
},
{
"name": "5955",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5955"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux-ha.org/security/sec01.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute arbitrary code via certain packets to UDP port 694 (incorrectly claimed as TCP in some sources)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-11-10T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CLA-2002:540",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000540"
},
{
"name": "SuSE-SA:2002:037",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2002_037_heartbeat.html"
},
{
"name": "DSA-174",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-174"
},
{
"name": "linuxha-heartbeat-bo(10357)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10357.php"
},
{
"name": "5955",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5955"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux-ha.org/security/sec01.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1215",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute arbitrary code via certain packets to UDP port 694 (incorrectly claimed as TCP in some sources)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CLA-2002:540",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000540"
},
{
"name": "SuSE-SA:2002:037",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2002_037_heartbeat.html"
},
{
"name": "DSA-174",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-174"
},
{
"name": "linuxha-heartbeat-bo(10357)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10357.php"
},
{
"name": "5955",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5955"
},
{
"name": "http://linux-ha.org/security/sec01.txt",
"refsource": "CONFIRM",
"url": "http://linux-ha.org/security/sec01.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1215",
"datePublished": "2002-10-21T04:00:00",
"dateReserved": "2002-10-15T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.069Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}