CVE-2006-3815

heartbeat < 2.0.6 - Denial of Service via Shared Memory Permissions

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-3815. PoCs published by anonymous.

AI-analyzed exploit summary: This exploit leverages insecure default permissions (666) on shared memory segments used by Linux-HA Heartbeat to overwrite data, causing a denial of service. It attaches to the target shared memory segment and copies arbitrary data into it, crashing the Heartbeat process.

Description

heartbeat.c in heartbeat before 2.0.6 sets insecure permissions in a shmget call for shared memory, which allows local users to cause an unspecified denial of service via unknown vectors, possibly during a short time window on startup.

Exploits (1)

exploitdb WORKING POC VERIFIED
by anonymous · c · local · linux
https://www.exploit-db.com/exploits/28287

Classification: Working PoC 95%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: Linux-HA Heartbeat < 2.0.6
No auth needed
Prerequisites: Local access to the system · Heartbeat shared memory segment with insecure permissions (666)
devstral-2 · analyzed Feb 16, 2026

References (15)

Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21231
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/2994
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200608-23.xml
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21629
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2006/dsa-1128
Various Sources x_refsource_confirm
http://www.linux-ha.org/_cache/SecurityIssues__sec03.txt
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2006:142
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016602
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21162
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/19186
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-326-1
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21240
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21521

Scores

EPSS 0.0078
EPSS Percentile 51.0%

Details

CWE: CWE-264
Status: published
Products (1)
linux-ha/heartbeat < 2.0.5
Published Jul 25, 2006
Tracked Since Feb 18, 2026