CVE-2006-3121

EPSS 20.3%

heartbeat - out-of-bounds read

發布日:2006/8/17修改日:2026/4/28

描述

The peel_netstring function in cl_netstring.c in the heartbeat subsystem in High-Availability Linux before 1.2.5, and 2.0 before 2.0.7, allows remote attackers to cause a denial of service (crash) via the length parameter in a heartbeat message.

受影響套件(2)

Debian/heartbeatfrom 0, < 1.2.4-14
Debian/heartbeatfrom 0, < 1.2.3-9sarge6

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-3121