Amazon Linux 2 : haproxy2 (ALASHAPROXY2-2023-002)

The version of haproxy2 installed on the remote host is prior to 2.2.17-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2HAPROXY2-2023-002 advisory. An out-of-bounds read in dnsvalidatednsresponse in dns.c was discovered in HAProxy through 1.8.14. Due to a missi...

Important: haproxy2

Issue Overview: An out-of-bounds read in dnsvalidatednsresponse in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer,...

CVE-2018-20102

An out-of-bounds read in dnsvalidatednsresponse in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing...

Photon OS 1.0: Haproxy PHSA-2019-1.0-0220

An update of the haproxy package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0220. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

OPENSUSE-SU-2019:0044-1 Security update for haproxy

This update for haproxy to version 1.8.15 fixes the following issues: Security issues fixed: - CVE-2018-20102: Fixed an out-of-bounds read in dnsvalidatednsresponse, which allowed for memory disclosure bsc1119368 - CVE-2018-20103: Fixed an infinite recursion via crafted packet allows stack...

RHEL 7 : OpenShift Container Platform 3.9 haproxy (RHSA-2019:0547)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0547 advisory. The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security fixes: haproxy...

Fedora Update for haproxy FEDORA-2019-0398d1b049

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[ASA-201901-15] haproxy: denial of service

Arch Linux Security Advisory ASA-201901-15 ========================================== Severity: Medium Date : 2019-01-24 CVE-ID : CVE-2018-20102 CVE-2018-20103 Package : haproxy Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-836 Summary ======= The package haproxy...

Ubuntu 16.04 LTS / 18.04 LTS : HAProxy vulnerabilities (USN-3858-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3858-1 advisory. It was discovered that HAProxy incorrectly handled certain requests. An attacker could possibly use this to expose sensitive information...

USN-3858-1: HAProxy vulnerabilities

It was discovered that HAProxy incorrectly handled certain requests. An attacker could possibly use this to expose sensitive information. CVE-2018-20102 It was discovered that HAProxy incorrectly handled certain requests. A attacker could possibly use this issue to cause a denial of service. This...

openSUSE Security Update : haproxy (openSUSE-2019-44)

This update for haproxy to version 1.8.15 fixes the following issues : Security issues fixed : - CVE-2018-20102: Fixed an out-of-bounds read in dnsvalidatednsresponse, which allowed for memory disclosure bsc1119368 - CVE-2018-20103: Fixed an infinite recursion via crafted packet allows stack...

openSUSE: Security Advisory for haproxy (openSUSE-SU-2019:0044-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for haproxy (important)

openSUSE Security Update: Security update for haproxy Announcement ID: openSUSE-SU-2019:0044-1 Rating: important References: 1119368 1119419 Cross-References: CVE-2018-20102 CVE-2018-20103 Affected Products: openSUSE Leap 15.0 An update that fixes two vulnerabilities is now available. Description...

CVE-2018-20102

An out-of-bounds read in dnsvalidatednsresponse in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing...

CVE-2018-20102

CVE-2018-20102 corresponds to an out-of-bounds read in dns_validate_dns_response() in HAProxy up to versions affected by 1.8.14, enabling potential disclosure of data from the buffer when processing DNS responses. Multiple connected advisories (Red Hat RHSA-2019:1436, Debian DLA-3034-1, EulerOS, ...