exploit the possibilities
Showing 1 - 5 of 5 RSS Feed

CVE-2013-2175

Status Candidate

Overview

HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote attackers to cause a denial of service (negative array index usage and crash) via an HTTP header with a certain number of values, related to the MAX_HDR_HISTORY variable.

Related Files

Red Hat Security Advisory 2013-1204-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1204-01 - HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. A flaw was found in the way HAProxy handled requests when the proxy's configuration had certain rules that use the hdr_ip criterion. A remote attacker could use this flaw to crash HAProxy instances that use the affected configuration. In Red Hat OpenShift Enterprise, the HAProxy cartridge is added to your application when you select to have your application scaled.

tags | advisory, remote, web, tcp
systems | linux, redhat
advisories | CVE-2013-2175
MD5 | 483a955d8dcdff9c261393e3cdb6756e
Red Hat Security Advisory 2013-1120-01
Posted Jul 31, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1120-01 - HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. A flaw was found in the way HAProxy handled requests when the proxy's configuration had certain rules that use the hdr_ip criterion. A remote attacker could use this flaw to crash HAProxy instances that use the affected configuration.

tags | advisory, remote, web, tcp
systems | linux, redhat
advisories | CVE-2013-2175
MD5 | 56a7e5820e6894300510e932df76538f
Gentoo Linux Security Advisory 201307-01
Posted Jul 12, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201307-1 - Multiple vulnerabilities have been found in HAProxy, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less than 1.4.24 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2013-1912, CVE-2013-2175
MD5 | 7e612a76f3745b5887e75bff48c4aa61
Ubuntu Security Notice USN-1889-1
Posted Jun 21, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1889-1 - David Torgerson discovered that HAProxy incorrectly parsed certain HTTP headers. A remote attacker could use this issue to cause HAProxy to stop responding, resulting in a denial of service.

tags | advisory, remote, web, denial of service
systems | linux, ubuntu
advisories | CVE-2013-2175
MD5 | df6265e329951353a63e17800373ccb5
Debian Security Advisory 2711-1
Posted Jun 20, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2711-1 - Multiple security issues have been found in HAProxy, a load-balancing reverse proxy.

tags | advisory
systems | linux, debian
advisories | CVE-2012-2942, CVE-2013-1912, CVE-2013-2175
MD5 | df661b39009cf0bf1c1ed82639ed41b4
Page 1 of 1
Back1Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    11 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    2 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    19 Files
  • 21
    Aug 21st
    17 Files
  • 22
    Aug 22nd
    9 Files
  • 23
    Aug 23rd
    3 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close