Linux Ha
Products
3- 3 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
5| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-1198 | Hig | 0.49 | 7.5 | 0.03 | Aug 28, 2017 | Multiple directory traversal vulnerabilities in ha 0.999p+dfsg-5. | |
| CVE-2006-3815 | 0.03 | — | 0.00 | Jul 25, 2006 | heartbeat.c in heartbeat before 2.0.6 sets insecure permissions in a shmget call for shared memory, which allows local users to cause an unspecified denial of service via unknown vectors, possibly during a short time window on startup. | ||
| CVE-2002-1215 | 0.01 | — | 0.12 | Oct 28, 2002 | Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute arbitrary code via certain packets to UDP port 694 (incorrectly claimed as TCP in some sources). | ||
| CVE-2010-3389 | 0.00 | — | 0.00 | Oct 20, 2010 | The (1) SAPDatabase and (2) SAPInstance scripts in OCF Resource Agents (aka resource-agents or cluster-agents) 1.0.3 in Linux-HA place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | ||
| CVE-2007-4205 | 0.00 | — | 0.01 | Aug 8, 2007 | XHA (Linux-HA) on the BlueCat Networks Adonis DNS/DHCP Appliance 5.0.2.8 allows remote attackers to cause a denial of service (heartbeat control process crash) via a UDP packet to port 694. NOTE: this may be the same as CVE-2006-3121. |
- risk 0.49cvss 7.5epss 0.03
Multiple directory traversal vulnerabilities in ha 0.999p+dfsg-5.
- CVE-2006-3815Jul 25, 2006risk 0.03cvss —epss 0.00
heartbeat.c in heartbeat before 2.0.6 sets insecure permissions in a shmget call for shared memory, which allows local users to cause an unspecified denial of service via unknown vectors, possibly during a short time window on startup.
- CVE-2002-1215Oct 28, 2002risk 0.01cvss —epss 0.12
Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute arbitrary code via certain packets to UDP port 694 (incorrectly claimed as TCP in some sources).
- CVE-2010-3389Oct 20, 2010risk 0.00cvss —epss 0.00
The (1) SAPDatabase and (2) SAPInstance scripts in OCF Resource Agents (aka resource-agents or cluster-agents) 1.0.3 in Linux-HA place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
- CVE-2007-4205Aug 8, 2007risk 0.00cvss —epss 0.01
XHA (Linux-HA) on the BlueCat Networks Adonis DNS/DHCP Appliance 5.0.2.8 allows remote attackers to cause a denial of service (heartbeat control process crash) via a UDP packet to port 694. NOTE: this may be the same as CVE-2006-3121.