This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
An updated haproxy package that fixes one security issue is now
available for Red Hat Enterprise Linux 6 and 7. HAProxy provides high
availability, load balancing, and proxying for TCP and HTTP-based
An implementation error related to the memory management of request
and responses was found within HAProxy's buffer_slow_realign()
function. An unauthenticated, remote attacker could possibly use this
flaw to leak certain memory buffer contents from a past request or
Note that, according to CVE-2015-3281, this issue only exists in
HAProxy version 1.5.x prior to 1.5.14. All HAProxy users are advised
to upgrade to this updated package, which contains a backported patch
to correct this issue.
See also :
Update the affected haproxy and / or haproxy-debuginfo packages.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : false