HAProxy 'tcp-request content' Buffer Overflow Vulnerability
PVS ID: 6906 FAMILY: Web Servers RISK: MEDIUM NESSUS ID: Not Available
Description: Synopsis:

The remote host is running a load balancer with a buffer overflow vulnerability.

For your information, the observed version of HAProxy installed on the remote host is:
%L

Based on the version obtained for HAProxy, the remote host is running load balancing software that is potentially affected by a buffer overflow vulnerability in the 'tcp-request content' inspection mechanism. A remote attacker could exploit this issue with a specially crafted request, potentially resulting in a denial of service and possible arbitrary code execution on the remote host.

Solution: Upgrade to HAProxy version 1.4.23 / 1.5-dev18 or higher.


Copyright Tenable Network Security Inc. 2013