exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2023-40225

Status Candidate

Overview

HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request.

Related Files

Red Hat Security Advisory 2024-1142-03
Posted Mar 6, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1142-03 - An update for haproxy is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-40225
SHA-256 | 434273256431b6b9e831c9835bcb2fba3864ee3f7558795df1229f26598ab968
Download | Favorite | View
Red Hat Security Advisory 2024-1089-03
Posted Mar 5, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1089-03 - An update for haproxy is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-40225
SHA-256 | e4636439ab35021bb357aa2a62cdebbe77ad19dd86e3c7be20371b709059c340
Download | Favorite | View
Red Hat Security Advisory 2024-0308-03
Posted Jan 26, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0308-03 - Red Hat OpenShift Container Platform release 4.11.57 is now available with updates to packages and images that fix several bugs and add enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-40225
SHA-256 | 52f9b9d335e9e47501d96908f5a55b899ad39a226d336fd18aadf36e9929b3a5
Download | Favorite | View
Red Hat Security Advisory 2024-0200-03
Posted Jan 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0200-03 - Red Hat OpenShift Container Platform release 4.12.47 is now available with updates to packages and images that fix several bugs and add enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-40225
SHA-256 | 32a96690289904abe613f944b6d5c4b64df532a4abda6c058b364e51b2a782de
Download | Favorite | View
Debian Security Advisory 5590-1
Posted Dec 28, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5590-1 - Several vulnerabilities were discovered in HAProxy, a fast and reliable load balancing reverse proxy, which can result in HTTP request smuggling or information disclosure.

tags | advisory, web, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2023-40225, CVE-2023-45539
SHA-256 | a26862fd9c15261a0556762eeff6b4507c638df9bea58642fe40caded089f310
Download | Favorite | View
Red Hat Security Advisory 2023-7606-03
Posted Dec 6, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7606-03 - Red Hat OpenShift Container Platform release 4.13.25 is now available with updates to packages and images that fix several bugs and add enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-40225
SHA-256 | 474705a97f0387f4e88bd91fb5e8519ab21f17704ed21c56f2699b361e58a5c2
Download | Favorite | View
Ubuntu Security Notice USN-6294-2
Posted Aug 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6294-2 - USN-6294-1 fixed vulnerabilities in HAProxy. This update provides the corresponding updates for Ubuntu 20.04 LTS. Ben Kallus discovered that HAProxy incorrectly handled empty Content-Length headers. A remote attacker could possibly use this issue to manipulate the payload and bypass certain restrictions.

tags | advisory, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-40225
SHA-256 | d781113e83bdef2397942d94f0f5327411286b1e5bf60fc0a91451cecd337078
Download | Favorite | View
Ubuntu Security Notice USN-6294-1
Posted Aug 16, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6294-1 - Ben Kallus discovered that HAProxy incorrectly handled empty Content-Length headers. A remote attacker could possibly use this issue to manipulate the payload and bypass certain restrictions.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2023-40225
SHA-256 | eb07f489e5aa114922ba5706f886aedf4d3738378f6fb7e9a080692a4e5c88c3
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

August 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    15 Files
  • 2
    Aug 2nd
    22 Files
  • 3
    Aug 3rd
    0 Files
  • 4
    Aug 4th
    0 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    11 Files
  • 7
    Aug 7th
    43 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close