RedHat Update For Haproxy RHSA-2014:1292-01 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. A buffer overflow flaw was discovered in the way HAProxy handled, under very specific conditions, data uploaded from a client. A remote attacker could possibly use this flaw to crash HAProxy. (CVE-2014-6269) All haproxy users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.

Affected

haproxy on Red Hat Enterprise Linux Server (v. 7)

References

https://www.redhat.com/archives/rhsa-announce/2014-September/msg00047.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-6269
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

RedHat Security Advisory RHSA-2009:0297
RedHat Security Advisory RHSA-2009:0451
RedHat Security Advisory RHSA-2009:0436
RedHat Security Advisory RHSA-2009:1563
RedHat Security Advisory RHSA-2009:0295

RedHat Update for haproxy RHSA-2014:1292-01

Take action and discover your vulnerabilities