Back to search
CVE-2013-1912
Published: Apr 10, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
Buffer overflow in HAProxy 1.4 through 1.4.22 and 1.5-dev through 1.5-dev17, when HTTP keep-alive is enabled, using HTTP keywords in TCP inspection rules, and running with rewrite rules that appends to requests, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted pipelined HTTP requests that prevent request realignment from occurring.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
FEDORA-2013-6253
vendor-advisory
x_refsource_FEDORA
RHSA-2013:0868
vendor-advisory
x_refsource_REDHAT
52725
third-party-advisory
x_refsource_SECUNIA
FEDORA-2013-4807
vendor-advisory
x_refsource_FEDORA
DSA-2711
vendor-advisory
x_refsource_DEBIAN
FEDORA-2013-4827
vendor-advisory
x_refsource_FEDORA
58820
vdb-entry
x_refsource_BID
USN-1800-1
vendor-advisory
x_refsource_UBUNTU
[oss-security] 20130403 CVE-2013-1912 : haproxy may crash on TCP content inspection rules
mailing-list
x_refsource_MLIST
RHSA-2013:0729
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now