CVE-2014-6269

HAProxy 1.5-dev23 before 1.5.4 is affected by CVE-2014-6269 due to multiple integer overflows in http_request_forward_body (proto_http.c). The vulnerability enables remote DoS (crash) via a large data stream, triggering a buffer overflow and an out-of-bounds read. Remediation: upgrade to 1.5.4 or...

CVE-2014-6269

Multiple integer overflows in the httprequestforwardbody function in protohttp.c in HAProxy 1.5-dev23 before 1.5.4 allow remote attackers to cause a denial of service crash via a large stream of data, which triggers a buffer overflow and an out-of-bounds read...

CentOS 7 : haproxy (CESA-2014:1292)

An updated haproxy package that fixes one security issue is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

CentOS Update for haproxy CESA-2014:1292 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 7 : haproxy (ELSA-2014-1292)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2014-1292 advisory. 1.5.2-3 - Fix remote client denial of service vulnerability 1138191 Tenable has extracted the preceding description block directly from the Oracle Linux securit...

RedHat Update for haproxy RHSA-2014:1292-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

haproxy security update

CentOS Errata and Security Advisory CESA-2014:1292 An updated haproxy package that fixes one security issue is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score,...

Moderate: Red Hat Security Advisory: haproxy security update

An updated haproxy package that fixes one security issue is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

haproxy: remote client denial of service vulnerability

A buffer overflow flaw was discovered in the way HAProxy handled, under very specific conditions, data uploaded from a client. A remote attacker could possibly use this flaw to crash HAProxy...

haproxy security update

1.5.2-3 - Fix remote client denial of service vulnerability 1138191...

RHEL 7 : haproxy (RHSA-2014:1292)

An updated haproxy package that fixes one security issue is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Fedora 21 : haproxy-1.5.4-1.fc21 (2014-10202)

Update to upstream stable release 1.5.4 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

Fedora 20 : haproxy-1.5.4-1.fc20 (2014-10497)

Update to upstream stable release 1.5.4 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

Fedora Update for haproxy FEDORA-2014-10497

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 20 Update: haproxy-1.5.4-1.fc20

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...

DoS Vulnerability (fixed in Node v0.8.26 and v0.10.21)

DoS Vulnerability fixed in Node v0.8.26 and v0.10.21 Node.js is vulnerable to a denial of service attack when a client sends many pipelined HTTP requests on a single connection, and the client does not read the responses from the connection. We recommend that anyone using Node.js v0.8 or v0.10 to...

Amazon Linux AMI : haproxy (ALAS-2013-215)

HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdrip or other 'hdr' functions with a negative occurrence count, allows remote attackers to cause a denial of service negative array index usage and crash via an HTTP header with a certain number of values, related to the...

Moderate: Red Hat Security Advisory: haproxy security update

An updated haproxy package that fixes one security issue is now available for Red Hat OpenShift Enterprise 1.2.2. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

haproxy: http_get_hdr()/get_ip_from_hdr2() MAX_HDR_HISTORY handling denial of service

HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdrip or other "hdr" functions with a negative occurrence count, allows remote attackers to cause a denial of service negative array index usage and crash via an HTTP header with a certain number of values, related to the...

CVE-2013-2175

HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdrip or other "hdr" functions with a negative occurrence count, allows remote attackers to cause a denial of service negative array index usage and crash via an HTTP header with a certain number of values, related to the...