Download
| Alert*
|
oval:org.secpod.oval:def:6204
HAProxy is installed oval:org.secpod.oval:def:1800083 haproxy is installed oval:org.secpod.oval:def:107474 HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to backup ... oval:org.secpod.oval:def:701254 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701791 haproxy is installed oval:org.secpod.oval:def:203427 HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. A buffer overflow flaw was discovered in the way HAProxy handled, under very specific conditions, data uploaded from a client. A remote attacker could possibly use this flaw to crash HAProxy. All h ... oval:org.secpod.oval:def:701343 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:601059 Multiple security issues have been found in HAProxy, a load-balancing reverse proxy: CVE-2012-2942 Buffer overflow in the header capture code. CVE-2013-1912 Buffer overflow in the HTTP keepalive code. CVE-2013-2175 Denial of service in parsing HTTP headers. oval:org.secpod.oval:def:203292 haproxy is installed oval:org.secpod.oval:def:117565 HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to backup ... oval:org.secpod.oval:def:117561 HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to backup ... oval:org.secpod.oval:def:62703 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to execute arbitrary code if it received a specially crafted HTTP/2 request. oval:org.secpod.oval:def:503636 The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fix: * haproxy: malformed HTTP/2 requests can lead to out-of-bounds writes For more details about the security issue, including the impact, a CVSS score, acknowledgments, an ... oval:org.secpod.oval:def:66536 The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fix: * haproxy: malformed HTTP/2 requests can lead to out-of-bounds writes For more details about the security issue, including the impact, a CVSS score, acknowledgments, an ... oval:org.secpod.oval:def:203726 HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. An implementation error related to the memory management of request and responses was found within HAProxy"s buffer_slow_realign function. An unauthenticated remote attacker could possibly use this ... oval:org.secpod.oval:def:26791 HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. An implementation error related to the memory management of request and responses was found within HAProxy"s buffer_slow_realign function. An unauthenticated remote attacker could possibly use this ... oval:org.secpod.oval:def:702635 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to expose sensitive information over the network. oval:org.secpod.oval:def:88305 Several vulnerabilities were discovered in HAProxy, a fast and reliable load balancing reverse proxy, which can result in HTTP request smuggling. By carefully crafting HTTP/2 requests, it is possible to smuggle another HTTP request to the backend selected by the HTTP/2 request. With certain configur ... oval:org.secpod.oval:def:114516 HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to backup ... oval:org.secpod.oval:def:202933 HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. A flaw was found in the way HAProxy handled requests when the proxy"s configuration had certain rules that use the hdr_ip criterion. A remote attacker could use this flaw to crash HAProxy instances ... oval:org.secpod.oval:def:202889 HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. A buffer overflow flaw was found in the way HAProxy handled pipelined HTTP requests. A remote attacker could send pipelined HTTP requests that would cause HAProxy to crash or, potentially, execute a ... oval:org.secpod.oval:def:109378 HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to backup ... oval:org.secpod.oval:def:109377 HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to backup ... oval:org.secpod.oval:def:203727 HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. An implementation error related to the memory management of request and responses was found within HAProxy"s buffer_slow_realign function. An unauthenticated remote attacker could possibly use this ... oval:org.secpod.oval:def:501654 HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. An implementation error related to the memory management of request and responses was found within HAProxy"s buffer_slow_realign function. An unauthenticated remote attacker could possibly use this ... oval:org.secpod.oval:def:602157 Charlie Smurthwaite of aTech Media discovered a flaw in HAProxy, a fast and reliable load balancing reverse proxy, when HTTP pipelining is used. A client can take advantage of this flaw to cause data corruption and retrieve uninitialized memory contents that exhibit data from a past request or sessi ... oval:org.secpod.oval:def:3301060 SUSE Security Update: Security update for haproxy oval:org.secpod.oval:def:606179 A flaw was discovered in the way HAProxy, a fast and reliable load balancing reverse proxy, processes HTTP responses containing the Set-Cookie2 header, which can result in an unbounded loop, causing a denial of service. oval:org.secpod.oval:def:85654 A flaw was discovered in the way HAProxy, a fast and reliable load balancing reverse proxy, processes HTTP responses containing the Set-Cookie2 header, which can result in an unbounded loop, causing a denial of service. oval:org.secpod.oval:def:118000 HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to backup ... oval:org.secpod.oval:def:1800222 This issue was introduced in version 1.6.0 of HAProxy.. oval:org.secpod.oval:def:110785 HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to backup ... oval:org.secpod.oval:def:1800082 This issue was introduced in version 1.6.0 of HAProxy. Reference patch oval:org.secpod.oval:def:1500727 An updated haproxy package that fixes one security issue is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from th ... oval:org.secpod.oval:def:1600317 HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote attackers to cause a denial of service via an HTTP header with a certain number of values, related to the MAX_HDR_HISTORY variable. oval:org.secpod.oval:def:3300211 SUSE Security Update: Security update for haproxy oval:org.secpod.oval:def:89349 Two vulnerabilities were discovered in HAProxy, a fast and reliable load balancing reverse proxy, which may result in denial of service, or bypass of access controls and routing rules via specially crafted requests. oval:org.secpod.oval:def:89425 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to stop responding if it received specially crafted network traffic. oval:org.secpod.oval:def:3300207 SUSE Security Update: Security update for haproxy oval:org.secpod.oval:def:89457 haproxy: fast and reliable load balancing reverse proxy HAProxy could allow unintended access to network services. oval:org.secpod.oval:def:75935 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to expose sensitive information over the network. oval:org.secpod.oval:def:88308 Ori Hollander reported that missing header name length checks in the htx_add_header and htx_add_trailer functions in HAProxy, a fast and reliable load balancing reverse proxy, could result in request smuggling attacks or response splitting attacks. Additionally this update addresses #993303 introduc ... oval:org.secpod.oval:def:604796 Felix Wilhelm of Google Project Zero discovered that HAProxy, a TCP/HTTP reverse proxy, did not properly handle HTTP/2 headers. This would allow an attacker to write arbitrary bytes around a certain location on the heap, resulting in denial-of-service or potential arbitrary code execution. oval:org.secpod.oval:def:705426 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to execute arbitrary code if it received a specially crafted HTTP/2 request. oval:org.secpod.oval:def:1502854 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:69792 Tim Düsterhus discovered that haproxy, a TCP/HTTP reverse proxy, did not properly sanitize HTTP headers when converting from HTTP/2 to HTTP/1. This would allow a remote user to perform CRLF injections. oval:org.secpod.oval:def:604626 Tim D#xFC;sterhus discovered that haproxy, a TCP/HTTP reverse proxy, did not properly sanitize HTTP headers when converting from HTTP/2 to HTTP/1. This would allow a remote user to perform CRLF injections. oval:org.secpod.oval:def:705306 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to execute arbitrary code if it received a specially crafted HTTP/2 header. oval:org.secpod.oval:def:2001215 An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaustion. oval:org.secpod.oval:def:51135 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to crash if it received a specially crafted request. oval:org.secpod.oval:def:115170 HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to backup ... oval:org.secpod.oval:def:704333 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to crash if it received a specially crafted request. oval:org.secpod.oval:def:51090 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to expose sensitive information over the network. oval:org.secpod.oval:def:704210 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to expose sensitive information over the network. oval:org.secpod.oval:def:501388 HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. A buffer overflow flaw was discovered in the way HAProxy handled, under very specific conditions, data uploaded from a client. A remote attacker could possibly use this flaw to crash HAProxy. All h ... oval:org.secpod.oval:def:6205 The host is installed with HAProxy before 1.4.21 and is prone to a buffer overflow vulnerability. A flaw is present in the application, due to improper bounds check. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:51588 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:703171 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:59613 haproxy: fast and reliable load balancing reverse proxy HAproxy would allow unintended access if ii received specially crafted HTTP request. oval:org.secpod.oval:def:704442 haproxy: fast and reliable load balancing reverse proxy Several security issues were fixed in HAProxy. oval:org.secpod.oval:def:115804 HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to backup ... oval:org.secpod.oval:def:115802 HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to backup ... oval:org.secpod.oval:def:51032 haproxy: fast and reliable load balancing reverse proxy Several security issues were fixed in HAProxy. oval:org.secpod.oval:def:52129 haproxy: fast and reliable load balancing reverse proxy Several security issues were fixed in HAProxy. oval:org.secpod.oval:def:2000621 An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing ... oval:org.secpod.oval:def:610509 It was reported that HAProxy, a fast and reliable load balancing reverse proxy, does not properly initialize connection buffers when encoding the FCGI_BEGIN_REQUEST record. A remote attacker can take advantage of this flaw to cause an information leak. oval:org.secpod.oval:def:2600368 The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. oval:org.secpod.oval:def:93321 It was reported that HAProxy, a fast and reliable load balancing reverse proxy, does not properly initialize connection buffers when encoding the FCGI_BEGIN_REQUEST record. A remote attacker can take advantage of this flaw to cause an information leak. oval:org.secpod.oval:def:19500350 HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret t ... oval:org.secpod.oval:def:93889 haproxy: fast and reliable load balancing reverse proxy Details: USN-6294-1 fixed vulnerabilities in HAProxy. This update provides the corresponding updates for Linux Mint 20.x LTS. Original advisory HAProxy could allow unintended access to network services. oval:org.secpod.oval:def:708640 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to expose sensitive information. oval:org.secpod.oval:def:96780 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to expose sensitive information. oval:org.secpod.oval:def:612883 Several vulnerabilities were discovered in HAProxy, a fast and reliable load balancing reverse proxy, which can result in HTTP request smuggling or information disclosure. oval:org.secpod.oval:def:96943 Several vulnerabilities were discovered in HAProxy, a fast and reliable load balancing reverse proxy, which can result in HTTP request smuggling or information disclosure. oval:org.secpod.oval:def:97778 [CLSA-2023:1703183093] haproxy: Fix of CVE-2023-45539 oval:org.secpod.oval:def:3301631 Security update for haproxy oval:org.secpod.oval:def:19500588 HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server oval:org.secpod.oval:def:2600517 The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. oval:org.secpod.oval:def:708361 haproxy: fast and reliable load balancing reverse proxy HAProxy could allow unintended access to network services. oval:org.secpod.oval:def:708370 haproxy: fast and reliable load balancing reverse proxy Details: USN-6294-1 fixed vulnerabilities in HAProxy. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory HAProxy could allow unintended access to network services. oval:org.secpod.oval:def:1507369 [2.4.22-3] - Reject # as part of URI path component [2.4.22-2] - Reject any empty content-length header value |
