The peel_netstring function in cl_netstring.c in the heartbeat subsystem in High-Availability Linux prior to 1.2.5, and 2.0 prior to 2.0.7, allows remote malicious users to cause a denial of service (crash) via the length parameter in a heartbeat message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
high availability linux project heartbeat 2.0.2 |
||
high availability linux project heartbeat 2.0.3 |
||
high availability linux project heartbeat 2.0.4 |
||
high availability linux project heartbeat 2.0.5 |
||
high availability linux project heartbeat 2.0.6 |
||
high availability linux project heartbeat 1.2.3 |
||
high availability linux project heartbeat 1.2.4 |
||
high availability linux project heartbeat 2.0.1 |