Linux Security
    Linux Security
    Linux Security

    Debian: 'heartbeat' Buffer overflow vulnerability

    Date 14 Oct 2002
    Posted By LinuxSecurity Advisories
    A remote attacker could send a speciallycrafted TCP packet that overflows a buffer, leaving heartbeat toexecute arbitrary code as root.
    Debian Security Advisory DSA 174-1                     This email address is being protected from spambots. You need JavaScript enabled to view it.                             Martin Schulze
    October 14th, 2002             
    Package        : heartbeat
    Vulnerability  : buffer overflow
    Problem-Type   : remote
    Debian-specific: no
    Upstream URL   :
    Nathan Wallwork discovered a buffer overflow in heartbeat, a subsystem
    for High-Availability Linux.  A remote attacker could send a specially
    crafted TCP packet that overflows a buffer, leaving heartbeat to
    execute arbitrary code as root.
    This problem has been fixed in version for the current
    stable distribution (woody) and version for the unstable
    distribution (sid).  The old stable distribution (potato) doesn't
    contain a heartbeat package.
    We recommend that you upgrade your heartbeat package immediately if
    you run internet connected servers that are heartbeat-monitored.
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian GNU/Linux 3.0 alias woody
      Source archives:
          Size/MD5 checksum:      658 4e8837e9eb95922aa5afc247a494db5f
          Size/MD5 checksum:    46755 411725a4fd7aa7eef881cf51ba1a8cfb
          Size/MD5 checksum:   308033 1dcae9e87ad2e5c2113e91a884c1ca8e
      Architecture independent components:
          Size/MD5 checksum:    33118 27d3073cade1d823e0405755b9b4ebd1
      Alpha architecture:
          Size/MD5 checksum:   207742 bad9f314f54f855aca65766778a6c0b6
          Size/MD5 checksum:    15444 461b6552e2ad5ed112bbad3a13e083b7
          Size/MD5 checksum:    14078 1a03d5c6f3dff85bcd9a20e5b1286c79
          Size/MD5 checksum:    63892 3a8013ede5a68f62af818bd6f13369ea
      ARM architecture:
          Size/MD5 checksum:   193994 b2547bee30b2db32b8fd53943a6a0c1e
          Size/MD5 checksum:    15108 1e284480e2ec8e1e45c11d6035847f37
          Size/MD5 checksum:    13430 3424c37fbb757be208ac220636b1a3e6
          Size/MD5 checksum:    53572 9ee34e2dc31d9bb9eb7f430e9c259c3e
      Intel IA-32 architecture:
          Size/MD5 checksum:   185196 b59c131ae306280c722716ac3d54ac37
          Size/MD5 checksum:    14786 c5524b1271c4dd6863d16af09b3f5427
          Size/MD5 checksum:    13300 b95830c76892050c2f78e924a4881b6c
          Size/MD5 checksum:    51018 c1b98bd10d698030abde5e608a694762
      Intel IA-64 architecture:
          Size/MD5 checksum:   259426 34814d6a05215a9cbd3e5c96420d16dd
          Size/MD5 checksum:    16156 65ff55faefafac7d4283ce57441d7d00
          Size/MD5 checksum:    15240 ff38757ef93dc3bf1027062c6f3bc06e
          Size/MD5 checksum:   100186 cc86feab05680b136abd9730a42c49c7
      HP Precision architecture:
          Size/MD5 checksum:   195424 bd2d9eae9a1b3dd8fefd11c30520baa7
          Size/MD5 checksum:    15250 93505675caf2cb172abae2219ed0e5eb
          Size/MD5 checksum:    13620 e6d96de79a3c2963cad57c189ce4efd8
          Size/MD5 checksum:    55176 d6b01189015ccf70c6cdb9e34dfa3253
      Motorola 680x0 architecture:
          Size/MD5 checksum:   187538 c5d11a2c4504d6c828fa34927faa2a4a
          Size/MD5 checksum:    14930 9bb0a67c7b56e72a6053e3c4ab175079
          Size/MD5 checksum:    13466 30cab37a51d6909c46adde55df5dc98e
          Size/MD5 checksum:    53768 9338807e769384d2d42910905b8d7806
      Big endian MIPS architecture:
          Size/MD5 checksum:   185540 45d1de10e0b9c3648a8ecc64ca218533
          Size/MD5 checksum:    15198 a4336aa15162d94eefe5092f1e08236b
          Size/MD5 checksum:    13392 3eca61944f10a2465af5c2fb30009e45
          Size/MD5 checksum:    51178 3188ea4887b232248496e3ecc181a2c0
      Little endian MIPS architecture:
          Size/MD5 checksum:   185238 81527febb4de912fe2afd4dc6d268812
          Size/MD5 checksum:    15206 11abb4dd2097a410a5478c8ad65aca89
          Size/MD5 checksum:    13374 fba244b6ab2498f8992dbf76a207ef03
          Size/MD5 checksum:    50586 4fa3092c389d8622d710c0a382e5756a
      PowerPC architecture:
          Size/MD5 checksum:   187538 aa2be77ac0297e0dad79c109f3e358db
          Size/MD5 checksum:    14902 e131b0dfe4e60a0969ced8d58c4c8c12
          Size/MD5 checksum:    13412 c163239ed250b5b8644e2a411ea2f357
          Size/MD5 checksum:    52864 6d12535b030bd36a5652de3eaabe62c9
      IBM S/390 architecture:
          Size/MD5 checksum:   192056 59da9c083e9ac891c9450df298b28138
          Size/MD5 checksum:    14914 96ae3b7102d045ed006b6bfd3b0cba46
          Size/MD5 checksum:    13514 8c99f89a1a0aaa511b0a9b55669c9d78
          Size/MD5 checksum:    50554 84a7e86dda458b6fd5f11e71734917f8
      Sun Sparc architecture:
          Size/MD5 checksum:   204554 c673d5f9fe461cff9d480d5e27ef9266
          Size/MD5 checksum:    15250 a9f2c0fd52c533eb9feb957ccd1e280e
          Size/MD5 checksum:    13436 6f6659414591599f5648665e8285793e
          Size/MD5 checksum:    68248 fd05a5e856c774272407e0be0c4a3432
      These files will probably be moved into the stable distribution on
      its next revision.
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and

    LinuxSecurity Poll

    'Tis the season of giving! How have you given back to the open-source community?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"171","title":"I've contributed to the development of an open-source project.","votes":"11","type":"x","order":"1","pct":34.38,"resources":[]},{"id":"172","title":"I've reviewed open-source code for security bugs.","votes":"6","type":"x","order":"2","pct":18.75,"resources":[]},{"id":"173","title":"I've made a donation to an open-source project.","votes":"15","type":"x","order":"3","pct":46.88,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.