Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 23 May 2012 11:37:23 -0600
From: Vincent Danen <>
Subject: CVE request: haproxy trash buffer overflow flaw

Could a CVE be assigned to this flaw please?

A flaw was reported in HAProxy where, due to a boundary error when
copying data into the trash buffer, an external attacker could cause a
buffer overflow.  Exploiting this flaw could lead to the execution of
arbitrary code, however it requires non-default settings for the
global.tune.bufsize configuration option (must be set to a value greater
than the default), and also that header rewriting is enabled (via, for
example, the regrep or rsprep directives).

This flaw is reported against 1.4.20, prior versions may also be
affected.  This has been fixed upstream in version 1.4.21 and in git.


Vincent Danen / Red Hat Security Response Team 

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ