Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20140909130221.GA6119@1wt.eu>
Date: Tue, 9 Sep 2014 15:02:21 +0200
From: Willy Tarreau <w@....eu>
To: oss-security@...ts.openwall.com
Subject: CVE Request: haproxy read out of bounds

Hi,

I'd like to get a CVE ID for a new vulnerability affecting HAProxy 1.5
before 1.5.4. In short, a user can cause HAProxy to parse contents out
of a buffer by sending multiple gigs of carefully crafted chunks faster
than the target server can read them. No memory write is performed during
this phase, but the process may crash when tring to parse chunked data
out of the request buffer.

All the details and the patch are available here :

   http://git.haproxy.org/?p=haproxy-1.5.git;a=commitdiff;h=b4d05093bc89f71377230228007e69a1434c1a0c

The fix was included in 1.5.4.

Thanks,
Willy

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.