1962 matches found
CVE-2015-3281
The bufferslowrealign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information uninitialized memory contents of previous requests via a crafted request...
DEBIAN-CVE-2015-3281
The bufferslowrealign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information uninitialized memory contents of previous requests via a crafted request...
CVE-2015-3281
The bufferslowrealign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information uninitialized memory contents of previous requests via a crafted request...
Cross site request forgery (csrf)
The bufferslowrealign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information uninitialized memory contents of previous requests via a crafted request...
CVE-2015-3281
The bufferslowrealign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information uninitialized memory contents of previous requests via a crafted request...
CVE-2015-3281
HAProxy upstream issue CVE-2015-3281 affects HAProxy 1.5.x (pre-1.5.14) and 1.6-dev, where buffer_slow_realign() mishandles the output buffer, enabling an unauthenticated remote attacker to obtain uninitialized memory from previous requests via a crafted request. Public advisories document data l...
CVE-2015-3281
The bufferslowrealign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information uninitialized memory contents of previous requests via a crafted request...
Debian DSA-3301-1 : haproxy - security update
Charlie Smurthwaite of aTech Media discovered a flaw in HAProxy, a fast and reliable load balancing reverse proxy, when HTTP pipelining is used. A client can take advantage of this flaw to cause data corruption and retrieve uninitialized memory contents that exhibit data from a past request or...
CVE-2015-3281
The bufferslowrealign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information uninitialized memory contents of previous requests via a crafted request...
[SECURITY] [DSA 3301-1] haproxy security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3301-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 05, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3301-1] haproxy security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3301-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 05, 2015 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3301-1 (haproxy - security update)
Charlie Smurthwaite of aTech Media discovered a flaw in HAProxy, a fast and reliable load balancing reverse proxy, when HTTP pipelining is used. A client can take advantage of this flaw to cause data corruption and retrieve uninitialized memory contents that exhibit data from a past request or...
DSA-3301-1 haproxy - security update
Bulletin has no description...
haproxy: information leakage
A vulnerability was found in the handling of HTTP pipelining. In some cases, a client might be able to cause a buffer alignment issue and retrieve uninitialized memory contents that exhibit data from a past request or session. With the proper timing and by requesting files of specific sizes from...
Debian: Security Advisory (DSA-3301-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
haproxy -- information leak vulnerability
HAProxy reports: A vulnerability was found when HTTP pipelining is used. In some cases, a client might be able to cause a buffer alignment issue and retrieve uninitialized memory contents that exhibit data from a past request or session. I want to address sincere congratulations to Charlie...
Vulnerabilities of the Gentoo Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the haproxy package up to version 1.4.24 of the Gentoo Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
The vulnerability of the Red Hat Enterprise Linux operating system, which allows a remote attacker to compromise the accessibility of protected information
The vulnerability of the haproxy-1.5.2 package for the Red Hat Enterprise Linux operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited remotely...
The vulnerability of the Red Hat Enterprise Linux operating system, which allows a remote attacker to compromise the accessibility of protected information
The vulnerability of the haproxy-debuginfo-1.5.2 package for the Red Hat Enterprise Linux operating system can lead to a violation of the accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...
SUSE-SU-2015:0660-1 Security update for haproxy
This security update for haproxy provides version 1.5.4 with various fixes, improvements and one security fix. Update from version 1.4.24 to 1.5.4 = For a detailed description, please refer to the package changelog. Security Issues: CVE-2014-6269...