Debian Local Security Checks : Debian Security Advisory DSA 1151-1 (heartbeat)

Price/Feature Summary | Order | New Vulnerabilities | Confidentiality | Vulnerability Search

Vulnerability Search		Search 94899 CVE descriptions and 51984 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.57295

Category: Debian Local Security Checks

Title: Debian Security Advisory DSA 1151-1 (heartbeat)

Summary: Debian Security Advisory DSA 1151-1 (heartbeat)

Description: Description:
The remote host is missing an update to heartbeat
announced via advisory DSA 1151-1.

Yan Rong Ge discovered out-of-boundary memory access in heartbeat, the
subsystem for High-Availability Linux. This could be used by a remote
attacker to cause a denial of service.

For the stable distribution (sarge) this problem has been fixed in
version 1.2.3-9sarge6.

For the unstable distribution (sid) this problem has been fixed in
version 1.2.4-14 and heartbeat-2 2.0.6-2.

We recommend that you upgrade your heartbeat packages.

Solution:
http://www.securityspace.com/smysecure/catid.html?in=DSA%201151-1

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-3121
Debian Security Information: DSA-1151 (Google Search)
http://www.debian.org/security/2006/dsa-1151
http://security.gentoo.org/glsa/glsa-200608-23.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:142
http://www.ubuntu.com/usn/usn-335-1
BugTraq ID: 19516
http://www.securityfocus.com/bid/19516
http://www.vupen.com/english/advisories/2006/3288
http://secunia.com/advisories/21505
http://secunia.com/advisories/21511
http://secunia.com/advisories/21518
http://secunia.com/advisories/21521
http://secunia.com/advisories/21629
XForce ISS Database: heartbeat-packet-dos(28396)
http://xforce.iss.net/xforce/xfdb/28396

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 51984 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

New User Registration
Email:

UserID:

Passwd:

Please email me your monthly newsletters, informing the latest services, improvements & surveys.

Please email me a vulnerability test announcement whenever a new test is added.

Privacy

Registered User Login

UserID:

Passwd:

Forgot userid or passwd?

Email/Userid:

Test ID:	1.3.6.1.4.1.25623.1.0.57295
Category:	Debian Local Security Checks
Title:	Debian Security Advisory DSA 1151-1 (heartbeat)
Summary:	Debian Security Advisory DSA 1151-1 (heartbeat)
Description:	Description: The remote host is missing an update to heartbeat announced via advisory DSA 1151-1. Yan Rong Ge discovered out-of-boundary memory access in heartbeat, the subsystem for High-Availability Linux. This could be used by a remote attacker to cause a denial of service. For the stable distribution (sarge) this problem has been fixed in version 1.2.3-9sarge6. For the unstable distribution (sid) this problem has been fixed in version 1.2.4-14 and heartbeat-2 2.0.6-2. We recommend that you upgrade your heartbeat packages. Solution: http://www.securityspace.com/smysecure/catid.html?in=DSA%201151-1 CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-3121 Debian Security Information: DSA-1151 (Google Search) http://www.debian.org/security/2006/dsa-1151 http://security.gentoo.org/glsa/glsa-200608-23.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:142 http://www.ubuntu.com/usn/usn-335-1 BugTraq ID: 19516 http://www.securityfocus.com/bid/19516 http://www.vupen.com/english/advisories/2006/3288 http://secunia.com/advisories/21505 http://secunia.com/advisories/21511 http://secunia.com/advisories/21518 http://secunia.com/advisories/21521 http://secunia.com/advisories/21629 XForce ISS Database: heartbeat-packet-dos(28396) http://xforce.iss.net/xforce/xfdb/28396
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com