Multiple integer overflows in the http_request_forward_body function in proto_http.c in HAProxy 1.5-dev23 prior to 1.5.4 allow remote malicious users to cause a denial of service (crash) via a large stream of data, which triggers a buffer overflow and an out-of-bounds read.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
haproxy haproxy 1.5.0 |
||
haproxy haproxy 1.5.1 |
||
haproxy haproxy 1.5 |
||
haproxy haproxy 1.5.2 |
||
haproxy haproxy 1.5.3 |