Download
| Alert*
|
oval:org.secpod.oval:def:701254
haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701343 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:601059 Multiple security issues have been found in HAProxy, a load-balancing reverse proxy: CVE-2012-2942 Buffer overflow in the header capture code. CVE-2013-1912 Buffer overflow in the HTTP keepalive code. CVE-2013-2175 Denial of service in parsing HTTP headers. oval:org.secpod.oval:def:202889 HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. A buffer overflow flaw was found in the way HAProxy handled pipelined HTTP requests. A remote attacker could send pipelined HTTP requests that would cause HAProxy to crash or, potentially, execute a ... oval:org.secpod.oval:def:202933 HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. A flaw was found in the way HAProxy handled requests when the proxy"s configuration had certain rules that use the hdr_ip criterion. A remote attacker could use this flaw to crash HAProxy instances ... oval:org.secpod.oval:def:1600317 HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote attackers to cause a denial of service via an HTTP header with a certain number of values, related to the MAX_HDR_HISTORY variable. oval:org.secpod.oval:def:6205 The host is installed with HAProxy before 1.4.21 and is prone to a buffer overflow vulnerability. A flaw is present in the application, due to improper bounds check. Successful exploitation could allow attackers to crash the service. |
