Test ID:	1.3.6.1.4.1.25623.1.0.57278
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDKSA-2006:142 (heartbeat)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to heartbeat announced via advisory MDKSA-2006:142. Two vulnerabilities in heartbeat prior to 2.0.6 was discovered by Yan Rong Ge. The first is that heartbeat would set insecure permissions in an shmget call for shared memory, allowing a local attacker to cause an unspecified denial of service via unknown vectors (CVE-2006-3815). The second is a remote vulnerability that could allow allow the master control process to read invalid memory due to a specially crafted heartbeat message and die of a SEGV, all prior to any authentication (CVE-2006-3121). Updated packages have been patched to correct these issues. Affected: 2006.0, Corporate 3.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2006:142 Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-3815 BugTraq ID: 19186 http://www.securityfocus.com/bid/19186 Debian Security Information: DSA-1128 (Google Search) http://www.debian.org/security/2006/dsa-1128 http://security.gentoo.org/glsa/glsa-200608-23.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:142 http://securitytracker.com/id?1016602 http://secunia.com/advisories/21162 http://secunia.com/advisories/21231 http://secunia.com/advisories/21240 http://secunia.com/advisories/21521 http://secunia.com/advisories/21629 http://www.ubuntu.com/usn/usn-326-1 http://www.vupen.com/english/advisories/2006/2994 Common Vulnerability Exposure (CVE) ID: CVE-2006-3121 BugTraq ID: 19516 http://www.securityfocus.com/bid/19516 Debian Security Information: DSA-1151 (Google Search) http://www.debian.org/security/2006/dsa-1151 http://secunia.com/advisories/21505 http://secunia.com/advisories/21511 http://secunia.com/advisories/21518 http://www.ubuntu.com/usn/usn-335-1 http://www.vupen.com/english/advisories/2006/3288 XForce ISS Database: heartbeat-packet-dos(28396) https://exchange.xforce.ibmcloud.com/vulnerabilities/28396
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.