Vulnerability CVE-2002-1215
Published: 2002-10-28   Modified: 2012-02-12

Description:
Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute arbitrary code via certain packets to UDP port 694 (incorrectly claimed as TCP in some sources).

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Linux-ha -> Heartbeat 

 References:
http://www.securityfocus.com/bid/5955
http://www.debian.org/security/2002/dsa-174
http://www.novell.com/linux/security/advisories/2002_037_heartbeat.html
http://www.iss.net/security_center/static/10357.php
http://linux-ha.org/security/sec01.txt
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000540
Copyright 2024, cxsecurity.com

 

Back to Top