Photon OS 1.0: Haproxy PHSA-2016-0012

An update of the haproxy package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2016-0012. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121649;...

RedELK - Easy Deployable Tool For Red Teams Used For Tracking And Alarming About Blue Team Activities As Well As Better Usability In Long Term Operations

Red Team's SIEM - easy deployable tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability for the Red Team in long term operations. Initial public release at BruCON 2018: Video: https://www.youtube.com/watch?v=OjtftdPts4g Presentation slides:...

SUSE-SU-2019:0232-1 Security update for haproxy

This update for haproxy version 1.8.17 fixes the following issues: Security issues fixed: - CVE-2018-20615: Fixed a denial of service, triggered by mishandling the priority flag on short HEADERS frame in the HTTP/2 decoder bsc1121283...

haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash

A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Tho...

Important Photon OS Security Update - PHSA-2019-0124

Updates of 'haproxy', 'paramiko' packages of Photon OS have been released...

[SECURITY] Fedora 28 Update: haproxy-1.8.17-1.fc28

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...

[SECURITY] Fedora 29 Update: haproxy-1.8.17-1.fc29

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...

Fedora Update for haproxy FEDORA-2019-0398d1b049

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 28 : haproxy (2019-0398d1b049)

Update to 1.8.17 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security, Inc...

Fedora 29 : haproxy (2019-c7da53319c)

Update to 1.8.17 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security, Inc...

[ASA-201901-15] haproxy: denial of service

Arch Linux Security Advisory ASA-201901-15 ========================================== Severity: Medium Date : 2019-01-24 CVE-ID : CVE-2018-20102 CVE-2018-20103 Package : haproxy Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-836 Summary ======= The package haproxy...

HAProxy Denial of Service Vulnerability (CNVD-2019-02518)

HAProxy is an open source TCP/HTTP load balancing server from the French company HAProxy. The server provides 4-layer , 7-layer proxy , and can support tens of thousands of level of connections , with high efficiency , stability and other characteristics . A denial of service vulnerability exists...

Ubuntu 16.04 LTS / 18.04 LTS : HAProxy vulnerabilities (USN-3858-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3858-1 advisory. It was discovered that HAProxy incorrectly handled certain requests. An attacker could possibly use this to expose sensitive information...

Ubuntu: Security Advisory (USN-3858-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3858-1 haproxy vulnerabilities

It was discovered that HAProxy incorrectly handled certain requests. An attacker could possibly use this to expose sensitive information. CVE-2018-20102 It was discovered that HAProxy incorrectly handled certain requests. A attacker could possibly use this issue to cause a denial of service. This...

USN-3858-1: HAProxy vulnerabilities

It was discovered that HAProxy incorrectly handled certain requests. An attacker could possibly use this to expose sensitive information. CVE-2018-20102 It was discovered that HAProxy incorrectly handled certain requests. A attacker could possibly use this issue to cause a denial of service. This...

Denial Of Service (DoS)

haproxy is vulnerable to denial of service. An out-of-bounds read in the hpackvalididx function in HPACK decoder used for HTTP/2 allows a remote attacker to crash the service...

Denial Of Service (DoS)

rh-haproxy18-haproxy is vulnerable to denial of service DoS attacks. The vulnerability exists as an issue was discovered in HAProxy before 1.8.8. The incoming H2 frame length was checked against the maxframesize setting instead of being checked against the bufsize. The maxframesize only applies t...

Information Disclosure

haproxy is vulnerable to information disclosure attacks. The vulnerability exists as the bufferslowrealign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information...

Denial Of Service (DoS)

HAProxy is vulnerable to denial of service. Requests are not properly handled when the proxy had certain rules in its configuration that uses hdrip criterion. A remote attacker is able to crash the application using a malicious HTTP header with a certain value in the MAXHDRHISTORY variable...