CVE-2002-1215
heartbeat - buffer overflow
EPSS 12.0%
Description
Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute arbitrary code via certain packets to UDP port 694 (incorrectly claimed as TCP in some sources).
How to fix CVE-2002-1215
To remediate CVE-2002-1215, upgrade the affected package to a fixed version below.
- Debian/heartbeat—upgrade to 0.4.9.2-1 or later
- Debian/heartbeat—upgrade to 0.4.9.0l-7.2 or later
Is CVE-2002-1215 being exploited?
Moderate — EPSS is 12.0%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 0.4.9.2-1
- from 0, < 0.4.9.0l-7.2