CVE-2015-3281

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request.

References

http://git.haproxy.org/?p=haproxy-1.5.git;a=commit;h=7ec765568883b2d4e5a2796adbeb492a22ec9bd4

http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00023.html

http://rhn.redhat.com/errata/RHSA-2015-1741.html

http://rhn.redhat.com/errata/RHSA-2015-2666.html

http://www.debian.org/security/2015/dsa-3301

http://www.haproxy.org/news.html

http://www.securityfocus.com/bid/75554

http://www.ubuntu.com/usn/USN-2668-1

Details

Source: MITRE

Published: 2015-07-06

Updated: 2019-06-26

Type: CWE-119

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:haproxy:haproxy:1.5:dev:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5:dev0:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5:dev1:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5:dev10:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5:dev11:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5:dev12:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5:dev13:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5:dev14:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5:dev15:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5:dev16:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5:dev17:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5:dev18:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5:dev19:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5:dev2:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5:dev3:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5:dev4:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5:dev5:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5:dev6:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5:dev7:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5:dev8:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5:dev9:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5.0:*:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5.1:*:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5.2:*:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5.3:*:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5.4:*:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5.5:*:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5.6:*:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5.7:*:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5.8:*:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5.9:*:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5.10:*:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5.11:*:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5.12:*:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.5.13:*:*:*:*:*:*:*

cpe:2.3:a:haproxy:haproxy:1.6:dev0:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:o:opensuse:linux_enterprise_high_availability_extension:12:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:openstack_cloud:5:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Tenable Plugins

View all (11 total)

IDNameProductFamilySeverity
119366RHEL 6 : Red Hat OpenShift Enterprise 2.2.8 (RHSA-2015:2666)NessusRed Hat Local Security Checks
medium
86623openSUSE Security Update : haproxy (openSUSE-2015-682)NessusSuSE Local Security Checks
medium
86509CentOS 6 / 7 : haproxy (CESA-2015:1741)NessusCentOS Local Security Checks
medium
85977RHEL 6 / 7 : haproxy 1.5 (RHSA-2015:1741)NessusRed Hat Local Security Checks
medium
85866Scientific Linux Security Update : haproxy on SL6.x, SL7.x i386/x86_64 (20150908)NessusScientific Linux Local Security Checks
medium
85864Oracle Linux 7 : haproxy (ELSA-2015-1741)NessusOracle Linux Local Security Checks
medium
85056Fedora 22 : haproxy-1.5.14-1.fc22 (2015-11267)NessusFedora Local Security Checks
medium
85055Fedora 21 : haproxy-1.5.14-1.fc21 (2015-11255)NessusFedora Local Security Checks
medium
84619Ubuntu 14.10 / 15.04 : haproxy vulnerability (USN-2668-1)NessusUbuntu Local Security Checks
medium
84601FreeBSD : haproxy -- information leak vulnerability (cbfa8bd7-24b6-11e5-86ff-14dae9d210b8)NessusFreeBSD Local Security Checks
medium
84511Debian DSA-3301-1 : haproxy - security updateNessusDebian Local Security Checks
medium