{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-10-14T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute arbitrary code via certain packets to UDP port 694 (incorrectly claimed as TCP in some sources)."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2002-11-10T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "CLA-2002:540", "tags": ["vendor-advisory", "x_refsource_CONECTIVA"], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000540"}, {"name": "SuSE-SA:2002:037", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2002_037_heartbeat.html"}, {"name": "DSA-174", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2002/dsa-174"}, {"name": "linuxha-heartbeat-bo(10357)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/10357.php"}, {"name": "5955", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/5955"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://linux-ha.org/security/sec01.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1215", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute arbitrary code via certain packets to UDP port 694 (incorrectly claimed as TCP in some sources)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "CLA-2002:540", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000540"}, {"name": "SuSE-SA:2002:037", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2002_037_heartbeat.html"}, {"name": "DSA-174", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2002/dsa-174"}, {"name": "linuxha-heartbeat-bo(10357)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/10357.php"}, {"name": "5955", "refsource": "BID", "url": "http://www.securityfocus.com/bid/5955"}, {"name": "http://linux-ha.org/security/sec01.txt", "refsource": "CONFIRM", "url": "http://linux-ha.org/security/sec01.txt"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1215", "datePublished": "2002-10-21T04:00:00", "dateReserved": "2002-10-15T00:00:00", "dateUpdated": "2002-11-10T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:linux-ha:heartbeat:*:*:*:*:*:*:*:*", "matchCriteriaId": "3D2BFEC4-AC06-4F3F-92E4-951431588499", "versionEndIncluding": "0.4.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute arbitrary code via certain packets to UDP port 694 (incorrectly claimed as TCP in some sources)."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de formato de cadena en heartbeat 0.4.9 y anteriores permiten a atacantes remotos ejecutar c\u00f3digo arbitrario mediante ciertos paquetes al puerto UDP 694."}], "id": "CVE-2002-1215", "lastModified": "2008-09-10T19:14:03.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2002-10-28T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000540"}, {"source": "cve@mitre.org", "url": "http://linux-ha.org/security/sec01.txt"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.debian.org/security/2002/dsa-174"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.iss.net/security_center/static/10357.php"}, {"source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2002_037_heartbeat.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/5955"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}