UBUNTU-CVE-2018-14645

A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. An out-of-bounds read access in hpackvalididx resulted in a remote crash and denial of service...

Security Bulletin: A security vulnerability has been identified in HAProxy shipped with Data Science Experience Local

Summary HAProxy is shipped as a component of Data Science Experience Local. Information about a security vulnerability affecting HAProxy has been published in a security bulletin. Vulnerability Details Please consult the security bulletins: CVE-2018-10184, CVE-2018-11469 for vulnerability details...

Kernel update: Virtuozzo ReadyKernel patch 58.0 for Virtuozzo 7.0.8

The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to the kernel 3.10.0-862.9.1.vz7.63.3 7.0.8. Vulnerability id: PSBM-87858 Haproxy processes were getting stuck in D state in locksock. Vulnerability id: PSBM-87877 It was found that rpcgethdr function...

Photon OS 1.0: Dnsmasq / Grub2 / Haproxy / Linux / Nginx / Vim / Wget / Zookeeper PHSA-2016-0012 (deprecated)

An update of linux , wget , vim , grub2 , zookeeper , nginx , dnsmasq , haproxy packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory...

Fedora Update for haproxy FEDORA-2018-941d094624

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 28 Update: haproxy-1.8.12-2.fc28

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...

openSUSE Security Update : curl (openSUSE-2018-589)

This update for curl to version 7.60.0 fixes the following issues : These security issues were fixed : - CVE-2018-1000300: Prevent heap-based buffer overflow when closing down an FTP connection with very long server command replies bsc1092094. - CVE-2018-1000301: Prevent buffer over-read that cou...

Security update for curl (moderate)

This update for curl to version 7.60.0 fixes the following issues: These security issues were fixed: - CVE-2018-1000300: Prevent heap-based buffer overflow when closing down an FTP connection with very long server command replies bsc1092094. - CVE-2018-1000301: Prevent buffer over-read that could...

Ubuntu 18.04 LTS : HAProxy vulnerability (USN-3663-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3663-1 advisory. It was discovered that HAProxy incorrectly handled certain resquests. An attacker could possibly use this to expose sensitive information. Tenable has extracted t...

openSUSE: Security Advisory for ceph (openSUSE-SU-2018:1470-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

USN-3663-1 haproxy vulnerability

It was discovered that HAProxy incorrectly handled certain resquests. An attacker could possibly use this to expose sensitive information...

USN-3663-1: HAProxy vulnerability

It was discovered that HAProxy incorrectly handled certain resquests. An attacker could possibly use this to expose sensitive information...

Create Multiple TOR Instances With Load Balancing: Multitor

A tool that lets you create multiple TOR instances with a load-balancing traffic between them by HAProxy . It’s provides one single endpoint for clients. In addition, you can view previously running TOR processes and create a new identity for all or selected processes. The multitor has been...

HAProxy Information Disclosure Vulnerability

HAProxy is an open source TCP/HTTP load balancing server from the French company HAProxy. The server provides 4-layer , 7-layer proxy , and can support tens of thousands of level of connections , with high efficiency , stability and other characteristics . A security vulnerability exists in HAPro...

CVE-2018-11469

Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 if cache enabled allows attackers to achieve information disclosure via an unauthenticated remote request, related to the protohttp.c checkrequestforcacheability function...

Authorization

Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 if cache enabled allows attackers to achieve information disclosure via an unauthenticated remote request, related to the protohttp.c checkrequestforcacheability function...

CVE-2018-11469

Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 if cache enabled allows attackers to achieve information disclosure via an unauthenticated remote request, related to the protohttp.c checkrequestforcacheability function...

CVE-2018-11469

Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 if cache enabled allows attackers to achieve information disclosure via an unauthenticated remote request, related to the protohttp.c checkrequestforcacheability function...

CVE-2018-11469

CVE-2018-11469 affects HAProxy 1.8.x (1.8.0–1.8.9 with caching enabled) where incorrect caching of responses including an Authorization header can disclose information via unauthenticated remote requests. Root cause cited: proto_http.c check_request_for_cacheability. Several connected advisories ...

CVE-2018-11469

Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 if cache enabled allows attackers to achieve information disclosure via an unauthenticated remote request, related to the protohttp.c checkrequestforcacheability function...