CVE-2015-3281

Published: 06/07/2015 Updated: 13/02/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

The buffer_slow_realign function in HAProxy 1.5.x prior to 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote malicious users to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request.

Vulnerable Product

debian debian linux 8.0

haproxy haproxy 1.5.0

haproxy haproxy 1.5.10

haproxy haproxy 1.5.12

haproxy haproxy 1.5

haproxy haproxy 1.5.7

haproxy haproxy 1.5.5

haproxy haproxy 1.5.1

haproxy haproxy 1.5.4

haproxy haproxy 1.5.6

haproxy haproxy 1.5.11

haproxy haproxy 1.5.2

haproxy haproxy 1.5.13

haproxy haproxy 1.5.8

haproxy haproxy 1.5.9

haproxy haproxy 1.5.3

haproxy haproxy 1.6

canonical ubuntu linux 14.10

canonical ubuntu linux 15.04

opensuse opensuse 13.2

opensuse linux enterprise high availability extension 12

opensuse openstack cloud 5

redhat enterprise linux desktop 7.0

redhat enterprise linux workstation 7.0

redhat enterprise linux server 7.0

redhat enterprise linux server eus 7.2

redhat enterprise linux server eus 7.1

redhat enterprise linux server tus 7.3

redhat enterprise linux server aus 7.3

redhat enterprise linux server aus 7.4

redhat enterprise linux server eus 7.3

redhat enterprise linux server eus 7.4

redhat enterprise linux server eus 7.5

redhat enterprise linux server tus 7.6

redhat enterprise linux server eus 7.6

redhat enterprise linux server aus 7.6

Vendor Advisories

Synopsis: Important: Red Hat OpenShift Enterprise 228 security, bug fix, and enhancement update. Type/Severity: Security Advisory: Important. Topic: Red Hat OpenShift Enterprise release 228, which fixes one security issue, several bugs, and introduces feature enhancements, is now available. Red Hat Product Secu ...
HAProxy could be made to expose sensitive information over the network ...
Charlie Smurthwaite of aTech Media discovered a flaw in HAProxy, a fast and reliable load balancing reverse proxy, when HTTP pipelining is used. A client can take advantage of this flaw to cause data corruption and retrieve uninitialized memory contents that exhibit data from a past request or session. For the stable distribution (jessie), this pro ...
An implementation error related to the memory management of request and responses was found within HAProxy's buffer_slow_realign() function. An unauthenticated remote attacker could possibly use this flaw to leak certain memory buffer contents from a past request or session ...