Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA1128] DSA-1128-1 heartbeat


Vulnerability Assessment Details

[DSA1128] DSA-1128-1 heartbeat

Vulnerability Assessment Summary
DSA-1128-1 heartbeat

Detailed Explanation for this Vulnerability Assessment

Yan Rong Ge discovered that wrong permissions on a shared memory page
in heartbeat, the subsystem for High-Availability Linux could be
exploited by a local attacker to cause a denial of service.
For the stable distribution (sarge) this problem has been fixed in
version 1.2.3-9sarge5.
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you upgrade your heartbeat packages.


Solution : http://www.debian.org/security/2006/dsa-1128
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is (C) 2006 Michel Arboi

Cables, Connectors

Dell PowerEdge 1800 Server 2 Xeon 3 GHz CPU with 12 GB Memory LSI 1020/1030 Raid
$99.99
Dell PowerEdge 1800 Server 2 Xeon 3 GHz CPU with 12 GB Memory LSI 1020/1030 Raid pictureWD MyBook Studio 6TB RAID Hard Drive USB 2, FireWire 800/400, eSATA WD60000H2Q
$148.5
WD MyBook Studio 6TB RAID Hard Drive USB 2, FireWire 800/400, eSATA WD60000H2Q pictureNew SATA Serial ATA RAID DATA SSD HDD Hard Drive Cable 12 inches Long 31 cm Blue
$1.39
New SATA Serial ATA RAID DATA SSD HDD Hard Drive Cable 12 inches Long 31 cm Blue pictureDell HCR2Y H700 Raid Controller w/ 1GB Cache for PowerEdge R & T Series Servers
$189.99
Dell HCR2Y H700 Raid Controller w/ 1GB Cache for PowerEdge R & T Series Servers picture


Discussions

No Discussions have been posted on this vulnerability.