Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2015-3281
HistoryJul 06, 2015 - 12:00 a.m.

CVE-2015-3281

2015-07-0600:00:00
ubuntu.com
ubuntu.com
9

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

71.2%

JSON

The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev
does not properly realign a buffer that is used for pending outgoing data,
which allows remote attackers to obtain sensitive information
(uninitialized memory contents of previous requests) via a crafted request.

Notes

Author Note
mdeslaur 1.5.x+ only
OSVersionArchitecturePackageVersionFilename
ubuntu14.10noarchhaproxy< 1.5.4-1ubuntu2.1UNKNOWN
ubuntu15.04noarchhaproxy< 1.5.10-1ubuntu0.1UNKNOWN

Related

openvas 10
securityvulns 2
nessus 11
cvelist 1
redhat 2
oraclelinux 1
prion 1
cve 1
archlinux 1
debian 2
ubuntu 1
veracode 1
freebsd 1
fedora 2
osv 1
suse 2
cloudfoundry 1
debiancve 1
centos 1
openvas
openvas
Debian Security Advisory DSA 3301-1 (haproxy - security update)
2015-07-05 00:00:00
Fedora Update for haproxy FEDORA-2015-11255
2015-07-30 00:00:00
RedHat Update for haproxy RHSA-2015:1741-01
2015-09-09 00:00:00
securityvulns
securityvulns
HAProxy information disclosure
2015-07-13 00:00:00
[USN-2668-1] HAProxy vulnerability
2015-07-13 00:00:00
nessus
nessus
openSUSE Security Update : haproxy (openSUSE-2015-682)
2015-10-28 00:00:00
FreeBSD : haproxy -- information leak vulnerability (cbfa8bd7-24b6-11e5-86ff-14dae9d210b8)
2015-07-08 00:00:00
RHEL 6 / 7 : haproxy 1.5 (RHSA-2015:1741)
2015-09-17 00:00:00
cvelist
cvelist
CVE-2015-3281
2015-07-06 14:55:00
redhat
redhat
(RHSA-2015:1741) Important: haproxy security update
2015-09-08 00:00:00
(RHSA-2015:2666) Important: Red Hat OpenShift Enterprise 2.2.8 security, bug fix, and enhancement update
2015-12-17 00:00:00
oraclelinux
oraclelinux
haproxy security update
2015-09-08 00:00:00
prion
prion
Cross site request forgery (csrf)
2015-07-06 15:59:00
cve
cve
CVE-2015-3281
2015-07-06 15:59:00
archlinux
archlinux
haproxy: information leakage
2015-07-04 00:00:00
debian
debian
[SECURITY] [DSA 3301-1] haproxy security update
2015-07-05 04:03:39
[SECURITY] [DSA 3301-1] haproxy security update
2015-07-05 04:03:21
ubuntu
ubuntu
HAProxy vulnerability
2015-07-07 00:00:00
veracode
veracode
Information Disclosure
2019-01-15 09:07:36
freebsd
freebsd
haproxy -- information leak vulnerability
2015-07-02 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: haproxy-1.5.14-1.fc22
2015-07-29 01:46:35
[SECURITY] Fedora 21 Update: haproxy-1.5.14-1.fc21
2015-07-29 01:43:56
osv
osv
haproxy - security update
2015-07-05 00:00:00
suse
suse
Security update for haproxy (important)
2015-10-27 13:10:00
Security update for haproxy (important)
2015-10-01 13:10:26
cloudfoundry
cloudfoundry
CVE-2015-3281 HAProxy vulnerabilities | Cloud Foundry
2017-04-04 00:00:00
debiancve
debiancve
CVE-2015-3281
2015-07-06 15:59:00
centos
centos
haproxy security update
2015-09-08 19:57:39

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

71.2%

JSON
Related for UB:CVE-2015-3281
openvas10securityvulns2nessus11cvelist1redhat2oraclelinux1prion1cve1archlinux1debian2ubuntu1veracode1freebsd1fedora2osv1suse2cloudfoundry1debiancve1centos1