ID CVE-2014-6269
Summary Multiple integer overflows in the http_request_forward_body function in proto_http.c in HAProxy 1.5-dev23 before 1.5.4 allow remote attackers to cause a denial of service (crash) via a large stream of data, which triggers a buffer overflow and an out-of-bounds read.
References
Vulnerable Configurations
  • cpe:2.3:a:haproxy:haproxy:1.5:dev23
    cpe:2.3:a:haproxy:haproxy:1.5:dev23
  • cpe:2.3:a:haproxy:haproxy:1.5:dev24
    cpe:2.3:a:haproxy:haproxy:1.5:dev24
  • cpe:2.3:a:haproxy:haproxy:1.5:dev25
    cpe:2.3:a:haproxy:haproxy:1.5:dev25
  • cpe:2.3:a:haproxy:haproxy:1.5:dev26
    cpe:2.3:a:haproxy:haproxy:1.5:dev26
  • HAProxy 1.5.0
    cpe:2.3:a:haproxy:haproxy:1.5.0
  • HAProxy 1.5.1
    cpe:2.3:a:haproxy:haproxy:1.5.1
  • HAProxy 1.5.2
    cpe:2.3:a:haproxy:haproxy:1.5.2
  • HAProxy 1.5.3
    cpe:2.3:a:haproxy:haproxy:1.5.3
CVSS
Base: 5.0 (as of 01-10-2014 - 22:44)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-1292.NASL
    description An updated haproxy package that fixes one security issue is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. A buffer overflow flaw was discovered in the way HAProxy handled, under very specific conditions, data uploaded from a client. A remote attacker could possibly use this flaw to crash HAProxy. (CVE-2014-6269) All haproxy users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 77815
    published 2014-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77815
    title RHEL 7 : haproxy (RHSA-2014:1292)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2014-1292.NASL
    description From Red Hat Security Advisory 2014:1292 : An updated haproxy package that fixes one security issue is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. A buffer overflow flaw was discovered in the way HAProxy handled, under very specific conditions, data uploaded from a client. A remote attacker could possibly use this flaw to crash HAProxy. (CVE-2014-6269) All haproxy users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
    last seen 2019-02-21
    modified 2015-12-01
    plugin id 77847
    published 2014-09-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77847
    title Oracle Linux 7 : haproxy (ELSA-2014-1292)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2014-1292.NASL
    description An updated haproxy package that fixes one security issue is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. A buffer overflow flaw was discovered in the way HAProxy handled, under very specific conditions, data uploaded from a client. A remote attacker could possibly use this flaw to crash HAProxy. (CVE-2014-6269) All haproxy users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 77834
    published 2014-09-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77834
    title CentOS 7 : haproxy (CESA-2014:1292)
redhat via4
advisories
bugzilla
id 1136552
title CVE-2014-6269 haproxy: remote client denial of service vulnerability
oval
AND
  • comment haproxy is earlier than 0:1.5.2-3.el7_0
    oval oval:com.redhat.rhsa:tst:20141292005
  • comment haproxy is signed with Red Hat redhatrelease2 key
    oval oval:com.redhat.rhsa:tst:20130868006
  • OR
    • comment Red Hat Enterprise Linux 7 Client is installed
      oval oval:com.redhat.rhsa:tst:20140675001
    • comment Red Hat Enterprise Linux 7 Server is installed
      oval oval:com.redhat.rhsa:tst:20140675002
    • comment Red Hat Enterprise Linux 7 Workstation is installed
      oval oval:com.redhat.rhsa:tst:20140675003
    • comment Red Hat Enterprise Linux 7 ComputeNode is installed
      oval oval:com.redhat.rhsa:tst:20140675004
rhsa
id RHSA-2014:1292
released 2014-09-24
severity Moderate
title RHSA-2014:1292: haproxy security update (Moderate)
rpms haproxy-0:1.5.2-3.el7_0
refmap via4
confirm http://git.haproxy.org/?p=haproxy-1.5.git;a=commitdiff;h=b4d05093bc89f71377230228007e69a1434c1a0c
mlist
  • [haproxy] 20140805 segfault in http_skip_chunk_crlf after 16G of data has passed through haproxy
  • [haproxy] 20140902 [ANNOUNCE] haproxy-1.5.4
  • [oss-security] 20140909 Re: CVE Request: haproxy read out of bounds
secunia
  • 59936
  • 61507
Last major update 02-10-2014 - 14:31
Published 30-09-2014 - 10:55
Back to Top