Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 9 Jun 2016 17:06:29 +0200
From: Marcus Meissner <meissner@...e.de>
To: OSS Security List <oss-security@...ts.openwall.com>,
	cve-assign@...re.org
Subject: CVE Request: haproxy remote denial of service via reqdeny

Hi,

This is a remote denial of service against haproxy (uncontrollable crash).

http://git.haproxy.org/?p=haproxy-1.6.git;a=commit;h=60f01f8c89e4fb2723d5a9f2046286e699567e0b

The problem was apparently introduced in haproxy 1.6.0, and is fixed in git (which will become 1.6.6).

Ciao, Marcus

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ