Description
The peel_netstring function in cl_netstring.c in the heartbeat subsystem in High-Availability Linux before 1.2.5, and 2.0 before 2.0.7, allows remote attackers to cause a denial of service (crash) via the length parameter in a heartbeat message.
Exploits
References
security@debian.org
http://secunia.com/advisories/21505security@debian.org
http://secunia.com/advisories/21511security@debian.org
http://secunia.com/advisories/21518security@debian.org
http://secunia.com/advisories/21521security@debian.org
http://secunia.com/advisories/21629security@debian.org
http://security.gentoo.org/glsa/glsa-200608-23.xmlsecurity@debian.org
http://www.debian.org/security/2006/dsa-1151security@debian.org
http://www.linux-ha.org/SecurityIssuessecurity@debian.org
http://www.linux-ha.org/_cache/SecurityIssues__sec03.txtsecurity@debian.org
http://www.mandriva.com/security/advisories?name=MDKSA-2006:142security@debian.org
http://www.securityfocus.com/bid/19516security@debian.org
http://www.ubuntu.com/usn/usn-335-1security@debian.org
http://www.vupen.com/english/advisories/2006/3288security@debian.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/28396af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/21505af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/21511af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/21518af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/21521af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/21629af854a3a-2127-422b-91ae-364da2661108
http://security.gentoo.org/glsa/glsa-200608-23.xmlaf854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2006/dsa-1151af854a3a-2127-422b-91ae-364da2661108
http://www.linux-ha.org/SecurityIssuesaf854a3a-2127-422b-91ae-364da2661108
http://www.linux-ha.org/_cache/SecurityIssues__sec03.txtaf854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDKSA-2006:142af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/19516af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/usn-335-1af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2006/3288af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/28396