
HAProxy 'tcp-request content' Buffer Overflow Vulnerability

Medium

Synopsis

The remote host is running a load balancer with a buffer overflow vulnerability.

Description

Based on the version obtained for HAProxy, the remote host is running load balancing software that is potentially affected by a buffer overflow vulnerability in the 'tcp-request content' inspection mechanism. A remote attacker could exploit this issue with a specially crafted request, potentially resulting in a denial of service and possible arbitrary code execution on the remote host.

Solution

Upgrade to HAProxy version 1.4.23 / 1.5-dev18 or higher.