Linux-HA heartbeat package remote buffer overflow
|linuxha-heartbeat-bo (10357)||High Risk|
The heartbeat program is vulnerable to a remotely exploitable buffer overflow. By sending a specially-crafted TCP packet to heartbeat, a remote attacker could overflow a buffer and execute arbitrary code on the system with root privileges.
Upgrade to the latest version of heartbeat (0.4.9.2 or later) or (0.4.9e or later), as listed in Linux-HA Security Announcement 14 October, 2002. See References.
For Debian GNU/Linux 3.0:
Upgrade to the latest version of heartbeat (0.4.9.01-7.2 or later), as listed in DSA 174-1. See References.
For SuSE Linux 8.0:
Upgrade to the latest version of heartbeat (0.4.9.1-159 or later), as listed in SuSE Security Announcement SuSE-SA:2002:037. See References.
For Conectiva Linux:
Upgrade to the latest heartbeat package, as listed below. Refer to Conectiva Linux Announcement CLSA-2002:540 for more information. See References.
Conectiva Linux 8.0: 0.4.9.1-2U80_1cl or later
For other distributions:
Contact your vendor for upgrade or patch information.
- Conectiva Linux Announcement CLSA-2002:540: Remote format string vulnerability.
- Linux-HA Security Announcement 14 October, 2002: Fixed a serious potential remote root vulnerability.
- Linux-HA Web site: Heartbeat home page.
- BID-5955: Linux-HA Heartbeat Remote Buffer Overflow Vulnerability
- CVE-2002-1215: Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute arbitrary code via certain packets to UDP port 694 (incorrectly claimed as TCP in some sources).
- DSA-174: heartbeat -- buffer overflow
- OSVDB ID: 14512: heartbeat Multiple Unspecified Remote Format Strings
- Conectiva Linux 8.0
- Debian Debian Linux 3.0
- Linux-HA Heartbeat 0.4.9.1
- SUSE SuSE Linux 8.0
Oct 14, 2002
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this