Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2014-6269 |
CWE-ID | CWE-20 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
HAProxy Server applications / IDS/IPS systems, Firewalls and proxy servers |
Vendor | HAProxy |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU41249
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2014-6269
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform service disruption.
Multiple integer overflows in the http_request_forward_body function in proto_http.c in HAProxy 1.5-dev23 before 1.5.4 allow remote attackers to cause a denial of service (crash) via a large stream of data, which triggers a buffer overflow and an out-of-bounds read.
MitigationInstall update from vendor's website.
Vulnerable software versionsHAProxy: 1.5 - 1.5.3
External linkshttp://article.gmane.org/gmane.comp.web.haproxy/17726
http://article.gmane.org/gmane.comp.web.haproxy/18097
http://git.haproxy.org/?p=haproxy-1.5.git;a=commitdiff;h=b4d05093bc89f71377230228007e69a1434c1a0c
http://rhn.redhat.com/errata/RHSA-2014-1292.html
http://secunia.com/advisories/59936
http://secunia.com/advisories/61507
http://www.openwall.com/lists/oss-security/2014/09/09/23
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.