Keepalived 0.5.6

CPE Details

Keepalived 0.5.6
keepalived
keepalived
0.5.6
2019-07-23
11h52 +00:00
2019-07-23
11h52 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:keepalived:keepalived:0.5.6:*:*:*:*:*:*:*

Informations

Vendor

keepalived

Product

keepalived

Version

0.5.6

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-44225 2021-11-25 23h00 +00:00 In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This leads to access-control bypass in some situations in which an unrelated D-Bus system service has a settable (writable) property
5.4
Medium
CVE-2018-19115 2018-11-08 19h00 +00:00 keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap.
9.8
Critical
CVE-2011-1784 2011-05-20 20h00 +00:00 The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the (1) keepalived.pid, (2) checkers.pid, and (3) vrrp.pid files in /var/run/, which allows local users to kill arbitrary processes by writing a PID to one of these files.
3.6