Synopsis :

The remote Debian host is missing a security-related update.

Description :

Yan Rong Ge discovered that wrong permissions on a shared memory page
in heartbeat, the subsystem for High-Availability Linux could be
exploited by a local attacker to cause a denial of service.

See also :

http://www.debian.org/security/2006/dsa-1128

Solution :

Upgrade the heartbeat packages.

For the stable distribution (sarge) this problem has been fixed in
version 1.2.3-9sarge5.

Risk factor :

Low / CVSS Base Score : 2.1
(CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P)