10 matches found
Photon OS 1.0: Haproxy PHSA-2019-1.0-0220
An update of the haproxy package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0220. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
OPENSUSE-SU-2019:0044-1 Security update for haproxy
This update for haproxy to version 1.8.15 fixes the following issues: Security issues fixed: - CVE-2018-20102: Fixed an out-of-bounds read in dnsvalidatednsresponse, which allowed for memory disclosure bsc1119368 - CVE-2018-20103: Fixed an infinite recursion via crafted packet allows stack...
Fedora Update for haproxy FEDORA-2019-0398d1b049
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[ASA-201901-15] haproxy: denial of service
Arch Linux Security Advisory ASA-201901-15 ========================================== Severity: Medium Date : 2019-01-24 CVE-ID : CVE-2018-20102 CVE-2018-20103 Package : haproxy Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-836 Summary ======= The package haproxy...
Ubuntu 16.04 LTS / 18.04 LTS : HAProxy vulnerabilities (USN-3858-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3858-1 advisory. It was discovered that HAProxy incorrectly handled certain requests. An attacker could possibly use this to expose sensitive information...
USN-3858-1: HAProxy vulnerabilities
It was discovered that HAProxy incorrectly handled certain requests. An attacker could possibly use this to expose sensitive information. CVE-2018-20102 It was discovered that HAProxy incorrectly handled certain requests. A attacker could possibly use this issue to cause a denial of service. This...
openSUSE Security Update : haproxy (openSUSE-2019-44)
This update for haproxy to version 1.8.15 fixes the following issues : Security issues fixed : - CVE-2018-20102: Fixed an out-of-bounds read in dnsvalidatednsresponse, which allowed for memory disclosure bsc1119368 - CVE-2018-20103: Fixed an infinite recursion via crafted packet allows stack...
openSUSE: Security Advisory for haproxy (openSUSE-SU-2019:0044-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for haproxy (important)
openSUSE Security Update: Security update for haproxy Announcement ID: openSUSE-SU-2019:0044-1 Rating: important References: 1119368 1119419 Cross-References: CVE-2018-20102 CVE-2018-20103 Affected Products: openSUSE Leap 15.0 An update that fixes two vulnerabilities is now available. Description...
CVE-2018-20103
CVE-2018-20103 affects HAProxy versions up to 1.8.14 (and related 1.8.x lineage); a crafted DNS response with a compressed pointer can cause infinite recursion or long pointer chains, leading to stack exhaustion and denial of service. The issue originates in dns.c when validating DNS responses. R...