HAProxy 'tcp-request content' Buffer Overflow Vulnerability



The remote host is running a load balancer with a buffer overflow vulnerability


Based on the version obtained for HAProxy, the remote host is running load balancing software that is potentially affected by a buffer overflow vulnerability in the 'tcp-request content' inspection mechanism. A remote attacker could exploit this issue with a specially crafted request, potentially resulting in a denial of service and possible arbitrary code execution on the remote host.


Upgrade to HAProxy version 1.4.23 / 1.5-dev18 or higher.