High Availability Linux Project: >> Heartbeat >> 1.2.3 Security Vulnerabilities
The peel_netstring function in cl_netstring.c in the heartbeat subsystem in High-Availability Linux before 1.2.5, and 2.0 before 2.0.7, allows remote attackers to cause a denial of service (crash) via the length parameter in a heartbeat message.
CVSS Score
5.0
EPSS Score
0.21
Published
2006-08-17
High Availability Linux Project Heartbeat 1.2.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVSS Score
2.1
EPSS Score
0.001
Published
2005-07-12