22 matches found
RHEL 6 : Red Hat OpenShift Enterprise 2.2.8 (RHSA-2015:2666)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:2666 advisory. OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud...
CVE-2015-3281 HAProxy vulnerabilities | Cloud Foundry
Severity Medium Vendor HAProxy Versions Affected HAProxy 1.5.x Description It was discovered that HAProxy incorrectly handled certain buffers. A remote attacker could possibly use this issue to obtain sensitive information belonging to previous requests. Affected Products and Versions Severity is...
Important: Red Hat Security Advisory: Red Hat OpenShift Enterprise 2.2.8 security, bug fix, and enhancement update
Red Hat OpenShift Enterprise release 2.2.8, which fixes one security issue, several bugs, and introduces feature enhancements, is now available. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give...
openSUSE: Security Advisory for haproxy (openSUSE-SU-2015:1831-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : haproxy (openSUSE-2015-682)
haproxy was updated to fix two security issues. These security issues were fixed : - CVE-2015-3281: The bufferslowrealign function in HAProxy did not properly realign a buffer that is used for pending outgoing data, which allowed remote attackers to obtain sensitive information uninitialized memo...
Security update for haproxy (important)
haproxy was updated to fix two security issues. These security issues were fixed: - CVE-2015-3281: The bufferslowrealign function in HAProxy did not properly realign a buffer that is used for pending outgoing data, which allowed remote attackers to obtain sensitive information uninitialized memor...
Oracle: Security Advisory (ELSA-2015-1741)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 6 / 7 : haproxy 1.5 (RHSA-2015:1741)
An updated haproxy package that fixes one security issue is now available for Red Hat Enterprise Linux 6 and 7. HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. An implementation error related to the memory management of request and responses w...
CentOS Update for haproxy CESA-2015:1741 centos7
Check the version of haproxy SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882283";...
CentOS Update for haproxy CESA-2015:1741 centos6
Check the version of haproxy SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882282";...
haproxy security update
1.5.4-4.1 - Fix bufferslowrealign function to respect output data CVE-2015-3281, 1241537...
Fedora 21 : haproxy-1.5.14-1.fc21 (2015-11255)
Security fix for CVE-2015-3281 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Fedora 22 : haproxy-1.5.14-1.fc22 (2015-11267)
Security fix for CVE-2015-3281 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
[USN-2668-1] HAProxy vulnerability
========================================================================== Ubuntu Security Notice USN-2668-1 July 07, 2015 haproxy vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
FreeBSD : haproxy -- information leak vulnerability (cbfa8bd7-24b6-11e5-86ff-14dae9d210b8)
HAProxy reports : A vulnerability was found when HTTP pipelining is used. In some cases, a client might be able to cause a buffer alignment issue and retrieve uninitialized memory contents that exhibit data from a past request or session. I want to address sincere congratulations to Charlie...
CVE-2015-3281
The bufferslowrealign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information uninitialized memory contents of previous requests via a crafted request...
CVE-2015-3281
The bufferslowrealign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information uninitialized memory contents of previous requests via a crafted request...
CVE-2015-3281
HAProxy upstream issue CVE-2015-3281 affects HAProxy 1.5.x (pre-1.5.14) and 1.6-dev, where buffer_slow_realign() mishandles the output buffer, enabling an unauthenticated remote attacker to obtain uninitialized memory from previous requests via a crafted request. Public advisories document data l...
Debian DSA-3301-1 : haproxy - security update
Charlie Smurthwaite of aTech Media discovered a flaw in HAProxy, a fast and reliable load balancing reverse proxy, when HTTP pipelining is used. A client can take advantage of this flaw to cause data corruption and retrieve uninitialized memory contents that exhibit data from a past request or...
[SECURITY] [DSA 3301-1] haproxy security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3301-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 05, 2015 https://www.debian.org/security/faq -...