Red Hat Security Advisory 2015-2666-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. The following security issue is addressed with this release: An implementation error related to the memory management of request and responses was found within HAProxy's buffer_slow_realign() function. An unauthenticated remote attacker could use this flaw to leak certain memory buffer contents from a past request or session.
c4327e8c7d421a0cbc4ff37663cdff357f709ac3ab9cbc77ba10759b1555132dRed Hat Security Advisory 2015-1741-01 - HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. An implementation error related to the memory management of request and responses was found within HAProxy's buffer_slow_realign() function. An unauthenticated remote attacker could possibly use this flaw to leak certain memory buffer contents from a past request or session. All haproxy users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
a1868fb9dedf29fa4bb599e9106f07d547ff3ee2b7818f9cbe0a86b2f67ecc40Ubuntu Security Notice 2668-1 - It was discovered that HAProxy incorrectly handled certain buffers. A remote attacker could possibly use this issue to obtain sensitive information belonging to previous requests.
b107f1345f2ab6dfdbdf52fda2fa1a45e08e413705d2abc04885e58aa92242deDebian Linux Security Advisory 3301-1 - Charlie Smurthwaite of aTech Media discovered a flaw in HAProxy, a fast and reliable load balancing reverse proxy, when HTTP pipelining is used. A client can take advantage of this flaw to cause data corruption and retrieve uninitialized memory contents that exhibit data from a past request or session.
9bf2b86084d33a2479eec479c7be4147225bfceff05cd92b80dccc62204eaa96
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed