[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-3815Date: (C)2006-07-25   (M)2023-12-22


heartbeat.c in heartbeat before 2.0.6 sets insecure permissions in a shmget call for shared memory, which allows local users to cause an unspecified denial of service via unknown vectors, possibly during a short time window on startup.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 2.1
Exploit Score: 3.9
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECTRACK-1016602
BID-19186
SECUNIA-21162
SECUNIA-21231
SECUNIA-21240
SECUNIA-21521
SECUNIA-21629
ADV-2006-2994
DSA-1128
GLSA-200608-23
MDKSA-2006:142
USN-326-1
http://cvs.linux-ha.org/viewcvs/viewcvs.cgi/linux-ha/heartbeat/heartbeat.c?r1=1.513&r2=1.514
http://www.linux-ha.org/_cache/SecurityIssues__sec03.txt
http://www.mail-archive.com/linux-ha-cvs%40lists.linux-ha.org/msg00753.html

CPE    1
cpe:/a:linux-ha:heartbeat:2.0.5
CWE    1
CWE-264

© SecPod Technologies