cbcvebase.
CVE-2006-3815
published 2006-07-25

CVE-2006-3815: heartbeat.c in heartbeat before 2.0.6 sets insecure permissions in a shmget call for shared memory, which allows local users to cause an unspecified denial of…

PriorityP49low2.1CVSS 2.0
AVLACLAuNCNINAP
EXPLOIT
EPSS
0.78%
51.2th percentile
heartbeat.c in heartbeat before 2.0.6 sets insecure permissions in a shmget call for shared memory, which allows local users to cause an unspecified denial of service via unknown vectors, possibly during a short time window on startup.

Affected

6 ranges
VendorProductVersion rangeFixed in
debianheartbeat< heartbeat 1.2.4-13 (bookworm)heartbeat 1.2.4-13 (bookworm)
heartbeatheartbeat>= 0 < 1.2.4-131.2.4-13
heartbeatheartbeat>= 0 < 1.2.4-131.2.4-13
heartbeatheartbeat>= 0 < 1.2.4-131.2.4-13
heartbeatheartbeat>= 0 < 1.2.4-131.2.4-13
linux-haheartbeat<= 2.0.5

CVSS provenance

nvdv2.02.1LOWAV:L/AC:L/Au:N/C:N/I:N/A:P
osv2.1LOW
vendor_debian2.1LOW
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.