Launchpad.net

CVE 2007-3374

Buffer overflow in cluster/cman/daemon/daemon.c in cman (redhat-cluster-suite) before 20070622 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via long client messages.

Related bugs and status

CVE-2007-3374 (Candidate) is related to these bugs:

Bug #121780: DoS via local buffer overflow

		In	Importance	Status
121780	DoS via local buffer overflow	redhat-cluster-suite (Ubuntu)	High	Fix Released
121780	DoS via local buffer overflow	Red Hat Cluster	Low	Fix Released
121780	DoS via local buffer overflow	redhat-cluster-suite (Ubuntu Gutsy)	High	Fix Released
121780	DoS via local buffer overflow	redhat-cluster-suite (Ubuntu Feisty)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [cluster-devel] 200706...
CONFIRM: https://launchpad.net/...
UBUNTU: USN-476-1
SECUNIA: 25818
SECUNIA: 25799
REDHAT: RHSA-2007:0559
BID: 24595
SECTRACK: 1018323
SECUNIA: 25886
OSVDB: 37497
CONFIRM: http://sourceware.org/...
XF: clusterproject-process...
OVAL: oval:org.mitre.oval:de...