User: Password:
Subscribe / Log in / New account

haproxy: code execution

Package(s):haproxy CVE #(s):CVE-2013-1912
Created:April 10, 2013 Updated:May 29, 2013
Description: From the Red Hat advisory:

A buffer overflow flaw was found in the way HAProxy handled pipelined HTTP requests. A remote attacker could send pipelined HTTP requests that would cause HAProxy to crash or, potentially, execute arbitrary code with the privileges of the user running HAProxy. This issue only affected systems using all of the following combined configuration options: HTTP keep alive enabled, HTTP keywords in TCP inspection rules, and request appending rules.

Gentoo 201307-01 haproxy 2013-07-11
Debian DSA-2711-1 haproxy 2013-06-19
CentOS CESA-2013:0868 haproxy 2013-05-29
Scientific Linux SL-hapr-20130528 haproxy 2013-05-28
Red Hat RHSA-2013:0868-01 haproxy 2013-05-28
Fedora FEDORA-2013-4827 haproxy 2013-04-27
Fedora FEDORA-2013-4807 haproxy 2013-04-26
Ubuntu USN-1800-1 haproxy 2013-04-15
Red Hat RHSA-2013:0729-01 haproxy 2013-04-09

(Log in to post comments)

Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds