HAProxy is prone to a remote denial-of-service vulnerability.
Attackers can exploit this issue to crash the affected application, denying service to legitimate users.
Versions prior to HAProxy 1.9.9 and 2.0.3 are vulnerable.
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
| Bugtraq ID: | 109352 |
| Class: | Design Error |
| CVE: | CVE-2019-14241 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 23 2019 12:00AM |
| Updated: | Jul 23 2019 12:00AM |
| Credit: | japeldoorn |
| Vulnerable: | haproxy haproxy 2.0.2 haproxy haproxy 2.0.1 haproxy haproxy 2.0 haproxy haproxy 1.9.8 haproxy haproxy 1.9.7 haproxy haproxy 1.9.6 haproxy haproxy 1.9.5 haproxy haproxy 1.9.4 haproxy haproxy 1.9.3 haproxy haproxy 1.9.2 haproxy haproxy 1.9.1 haproxy haproxy 1.9 haproxy haproxy 1.8.17 haproxy haproxy 1.8.16 haproxy haproxy 1.8.15 haproxy haproxy 1.8.14 haproxy haproxy 1.8.13 haproxy haproxy 1.8.12 haproxy haproxy 1.8.11 haproxy haproxy 1.8.10 haproxy haproxy 1.8.9 haproxy haproxy 1.8.8 haproxy haproxy 1.8.7 haproxy haproxy 1.8.6 haproxy haproxy 1.8.5 haproxy haproxy 1.8.4 haproxy haproxy 1.8.3 haproxy haproxy 1.8.2 haproxy haproxy 1.8.1 haproxy haproxy 1.8 haproxy haproxy 1.7 haproxy haproxy 1.6.6 haproxy haproxy 1.6.5 haproxy haproxy 1.6.4 haproxy haproxy 1.6.3 haproxy haproxy 1.6.2 haproxy haproxy 1.6.1 haproxy haproxy 1.6 haproxy haproxy 1.5.4 haproxy haproxy 1.4.24 haproxy haproxy 1.4.23 haproxy haproxy 1.4.22 haproxy haproxy 1.4.21 haproxy haproxy 1.4.20 haproxy haproxy 1.4.15 haproxy haproxy 1.4.10 haproxy haproxy 1.4.9 haproxy haproxy 1.4.4 haproxy haproxy 1.5.14 haproxy haproxy 1.5-dev19 haproxy haproxy 1.5-dev18 haproxy haproxy 1.5 Dev9 haproxy haproxy 1.5 Dev8 haproxy haproxy 1.5 Dev7 haproxy haproxy 1.5 Dev6 haproxy haproxy 1.5 Dev5 haproxy haproxy 1.5 Dev4 haproxy haproxy 1.5 Dev3 haproxy haproxy 1.5 Dev2 haproxy haproxy 1.5 Dev19 haproxy haproxy 1.5 Dev18 haproxy haproxy 1.5 Dev17 haproxy haproxy 1.5 Dev16 haproxy haproxy 1.5 Dev15 haproxy haproxy 1.5 Dev14 haproxy haproxy 1.5 Dev13 haproxy haproxy 1.5 Dev12 haproxy haproxy 1.5 Dev11 haproxy haproxy 1.5 Dev10 haproxy haproxy 1.5 Dev1 haproxy haproxy 1.5 Dev0 haproxy haproxy 1.5 Dev haproxy haproxy 1.5 haproxy haproxy 1.4.8 haproxy haproxy 1.4.7 haproxy haproxy 1.4.6 haproxy haproxy 1.4.5 haproxy haproxy 1.4.3 haproxy haproxy 1.4.2 haproxy haproxy 1.4.19 haproxy haproxy 1.4.18 haproxy haproxy 1.4.17 haproxy haproxy 1.4.16 haproxy haproxy 1.4.14 haproxy haproxy 1.4.13 haproxy haproxy 1.4.12 haproxy haproxy 1.4.11 haproxy haproxy 1.4.1 haproxy haproxy 1.4.0 haproxy haproxy 1.4 |
| Not Vulnerable: | haproxy haproxy 2.0.3 haproxy haproxy 1.9.9 |
References:
- Haproxy 2.0 stuck thread #181 (Github)
- HAProxy Homepage (HAProxy)
- HAProxy Product Page (HAProxy)
from SecurityFocus Vulnerabilities https://ift.tt/30Z4tah
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.