Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2015-3281 (GCVE-0-2015-3281)
Vulnerability from cvelistv5 – Published: 2015-07-06 14:55 – Updated: 2024-08-06 05:39
VLAI?
EPSS
Summary
The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:39:32.116Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2015:1741",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1741.html"
},
{
"name": "openSUSE-SU-2015:1831",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00023.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.haproxy.org/news.html"
},
{
"name": "RHSA-2015:2666",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2666.html"
},
{
"name": "USN-2668-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2668-1"
},
{
"name": "SUSE-SU-2015:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.haproxy.org/?p=haproxy-1.5.git%3Ba=commit%3Bh=7ec765568883b2d4e5a2796adbeb492a22ec9bd4"
},
{
"name": "DSA-3301",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3301"
},
{
"name": "75554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75554"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-23T18:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2015:1741",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1741.html"
},
{
"name": "openSUSE-SU-2015:1831",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00023.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.haproxy.org/news.html"
},
{
"name": "RHSA-2015:2666",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2666.html"
},
{
"name": "USN-2668-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2668-1"
},
{
"name": "SUSE-SU-2015:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.haproxy.org/?p=haproxy-1.5.git%3Ba=commit%3Bh=7ec765568883b2d4e5a2796adbeb492a22ec9bd4"
},
{
"name": "DSA-3301",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3301"
},
{
"name": "75554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75554"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-3281",
"datePublished": "2015-07-06T14:55:00.000Z",
"dateReserved": "2015-04-10T00:00:00.000Z",
"dateUpdated": "2024-08-06T05:39:32.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
GSD-2015-3281
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2015-3281",
"description": "The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request.",
"id": "GSD-2015-3281",
"references": [
"https://www.suse.com/security/cve/CVE-2015-3281.html",
"https://www.debian.org/security/2015/dsa-3301",
"https://access.redhat.com/errata/RHSA-2015:2666",
"https://access.redhat.com/errata/RHSA-2015:1741",
"https://linux.oracle.com/cve/CVE-2015-3281.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2015-3281"
],
"details": "The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request.",
"id": "GSD-2015-3281",
"modified": "2023-12-13T01:20:07.871013Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-3281",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.haproxy.org/?p=haproxy-1.5.git%3Ba=commit%3Bh=7ec765568883b2d4e5a2796adbeb492a22ec9bd4",
"refsource": "MISC",
"url": "http://git.haproxy.org/?p=haproxy-1.5.git%3Ba=commit%3Bh=7ec765568883b2d4e5a2796adbeb492a22ec9bd4"
},
{
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html"
},
{
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00023.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00023.html"
},
{
"name": "http://rhn.redhat.com/errata/RHSA-2015-1741.html",
"refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1741.html"
},
{
"name": "http://rhn.redhat.com/errata/RHSA-2015-2666.html",
"refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2666.html"
},
{
"name": "http://www.debian.org/security/2015/dsa-3301",
"refsource": "MISC",
"url": "http://www.debian.org/security/2015/dsa-3301"
},
{
"name": "http://www.haproxy.org/news.html",
"refsource": "MISC",
"url": "http://www.haproxy.org/news.html"
},
{
"name": "http://www.securityfocus.com/bid/75554",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/75554"
},
{
"name": "http://www.ubuntu.com/usn/USN-2668-1",
"refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-2668-1"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev13:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev16:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev19:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev0:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev18:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev17:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5:dev14:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:1.6:dev0:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:linux_enterprise_high_availability_extension:12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:openstack_cloud:5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-3281"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3301",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3301"
},
{
"name": "http://www.haproxy.org/news.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.haproxy.org/news.html"
},
{
"name": "75554",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75554"
},
{
"name": "RHSA-2015:2666",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2666.html"
},
{
"name": "SUSE-SU-2015:1663",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html"
},
{
"name": "RHSA-2015:1741",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1741.html"
},
{
"name": "openSUSE-SU-2015:1831",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00023.html"
},
{
"name": "USN-2668-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2668-1"
},
{
"name": "http://git.haproxy.org/?p=haproxy-1.5.git%3Ba=commit%3Bh=7ec765568883b2d4e5a2796adbeb492a22ec9bd4",
"refsource": "MISC",
"tags": [],
"url": "http://git.haproxy.org/?p=haproxy-1.5.git%3Ba=commit%3Bh=7ec765568883b2d4e5a2796adbeb492a22ec9bd4"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2023-02-13T00:49Z",
"publishedDate": "2015-07-06T15:59Z"
}
}
}
CERTFR-2015-AVI-283
Vulnerability from certfr_avis - Published: 2015-07-08 - Updated: 2015-07-08
De multiples vulnérabilités ont été corrigées dans le noyau Linux Ubuntu. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une élévation de privilèges.
Contournement provisoire
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
|
|
|||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 12.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.10",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 15.04",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Contournement provisoire\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-4002",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4002"
},
{
"name": "CVE-2015-3281",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3281"
},
{
"name": "CVE-2015-4700",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4700"
},
{
"name": "CVE-2015-4001",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4001"
},
{
"name": "CVE-2015-4167",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4167"
},
{
"name": "CVE-2015-1420",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1420"
},
{
"name": "CVE-2014-9710",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9710"
},
{
"name": "CVE-2015-4003",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4003"
}
],
"initial_release_date": "2015-07-08T00:00:00",
"last_revision_date": "2015-07-08T00:00:00",
"links": [
{
"title": "R\u00e9f\u00e9rence CVE CVE-2015-4002",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4002"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2661-1 du 7 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2661-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2665-1 du 7 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2665-1/"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2014-9710",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9710"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2015-4003",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4003"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2015-4700",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4700"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2664-1 du 7 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2664-1/"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2015-4001",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4001"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2660-1 du 7 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2660-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2663-1 du 7 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2663-1/"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2015-3281",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3281"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2668-1 du 7 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2668-1/"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2015-4167",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4167"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2015-1420",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1420"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2667-1 du 7 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2667-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2662-1 du 7 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2662-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2666-1 du 7 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2666-1/"
}
],
"reference": "CERTFR-2015-AVI-283",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-07-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le \u003cspan\nclass=\"textit\"\u003enoyau Linux Ubuntu\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux Ubuntu",
"vendor_advisories": []
}
FKIE_CVE-2015-3281
Vulnerability from fkie_nvd - Published: 2015-07-06 15:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev:*:*:*:*:*:*",
"matchCriteriaId": "AFA5BE61-7877-4A2C-8135-3F624569874D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev0:*:*:*:*:*:*",
"matchCriteriaId": "CD467A6D-295A-42DC-A0F7-5498FC95654B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev1:*:*:*:*:*:*",
"matchCriteriaId": "D96B78BA-2412-4E8D-9F4A-3A4480A8EF75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev10:*:*:*:*:*:*",
"matchCriteriaId": "CAA641FA-60FF-4B43-8D2E-C42DEC79562D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev11:*:*:*:*:*:*",
"matchCriteriaId": "007F99A6-7FAD-4692-AF4A-E9919BA10EDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev12:*:*:*:*:*:*",
"matchCriteriaId": "06399F03-93C5-4882-8E8A-88712E6A3F29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev13:*:*:*:*:*:*",
"matchCriteriaId": "B7B74CB1-63EF-4019-8AB5-96A1E8D2990D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev14:*:*:*:*:*:*",
"matchCriteriaId": "5E08838E-DF28-425E-8440-B7CEC1A910CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev15:*:*:*:*:*:*",
"matchCriteriaId": "9D3436E0-CB58-4531-985B-FB90A991A7FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev16:*:*:*:*:*:*",
"matchCriteriaId": "183F43A3-71DC-479C-8197-17D374FAA421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev17:*:*:*:*:*:*",
"matchCriteriaId": "352015C3-B8CC-4397-86CF-446ADB415054",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev18:*:*:*:*:*:*",
"matchCriteriaId": "76009FEA-17FD-4218-85C7-4EAC3FC008D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev19:*:*:*:*:*:*",
"matchCriteriaId": "75896B9E-7D14-48A5-A6EE-743BA1C3F6F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev2:*:*:*:*:*:*",
"matchCriteriaId": "04150D4D-49DF-4D51-8A0C-C1C74B024C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev3:*:*:*:*:*:*",
"matchCriteriaId": "599A5CCE-7DDA-4AF5-8E10-85F6E0677CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev4:*:*:*:*:*:*",
"matchCriteriaId": "AC3C72A9-1958-42EA-B387-D52183541925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev5:*:*:*:*:*:*",
"matchCriteriaId": "CF86C16E-08F1-4C8A-AA63-288EAE7D49E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev6:*:*:*:*:*:*",
"matchCriteriaId": "A9A44D0A-1104-4417-AEEF-07469D7F5BBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev7:*:*:*:*:*:*",
"matchCriteriaId": "EBA058C9-0FBD-44E7-9916-A59823351193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev8:*:*:*:*:*:*",
"matchCriteriaId": "24367FAF-BC8B-45B7-9938-DE4A3EC289AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5:dev9:*:*:*:*:*:*",
"matchCriteriaId": "599CB200-80B0-4BE3-916B-C02165F718F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8346999-B3EE-4BBA-ABEA-F9D07017EBAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD95164-7653-4433-97AB-8D0BA0B89828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CA2EA9FE-BCD8-483D-91B2-FCDD096E9F68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF8DB5D-B3DC-4EAC-A3A7-06846615980A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD4D155-8308-4C56-9DC9-7350C4194C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7D34DF90-6C92-416C-8ACB-CBA3B2C70681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A97FE8DC-B6CF-40A2-930F-28735D31077E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE68254-3D29-4A81-9C53-DF8B607EE35E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1D0E32C0-5AE6-4FFD-934E-B8073F1508F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5BD56C71-A400-43BB-A38A-707F9042FCA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4E50BB83-244C-4A4E-898D-6128A32B81D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "39E49693-4162-45BD-98D6-9831E6E170B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4977E9EA-8F9D-4176-B928-C501D3C5260A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3A064420-E3C5-4E40-853E-10FE2A93D16A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haproxy:haproxy:1.6:dev0:*:*:*:*:*:*",
"matchCriteriaId": "3F961D45-9983-464A-9C20-BE8022AAEC07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:openstack_cloud:5:*:*:*:*:*:*:*",
"matchCriteriaId": "A70EF794-432D-413D-A9B8-4875E8DE2B6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_high_availability_extension:12:*:*:*:*:*:*:*",
"matchCriteriaId": "057121A7-3FF7-45DA-AEBD-A97F050B85B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44B067C7-735E-43C9-9188-7E1522A02491",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request."
},
{
"lang": "es",
"value": "La funci\u00f3n buffer_slow_realign en HAProxy 1.5.x anterior a 1.5.14 y 1.6-dev no realinea correctamente un buffer que es utilizado para datos salientes pendientes, lo que permite a atacantes remotos obtener informaci\u00f3n sensible (contenidos de memoria no inicializada de solicitudes previas) a trav\u00e9s de una solicitud manipulada."
}
],
"id": "CVE-2015-3281",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-06T15:59:06.167",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://git.haproxy.org/?p=haproxy-1.5.git%3Ba=commit%3Bh=7ec765568883b2d4e5a2796adbeb492a22ec9bd4"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00023.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1741.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2666.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3301"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.haproxy.org/news.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75554"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2668-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.haproxy.org/?p=haproxy-1.5.git%3Ba=commit%3Bh=7ec765568883b2d4e5a2796adbeb492a22ec9bd4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1741.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2666.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3301"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.haproxy.org/news.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2668-1"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CNVD-2015-04442
Vulnerability from cnvd - Published: 2015-07-14
VLAI Severity ?
Title
HAProxy信息泄露漏洞
Description
HAProxy是一款开源的TCP/HTTP负载均衡服务器。该服务器提供4层、7层代理,并能支持上万级别的连接,具有高效、稳定等特点。
HAProxy的‘buffer_slow_realign’函数存在安全漏洞,由于程序未能正确重组用于存放输出数据的缓冲区。远程攻击者利用该漏洞可通过发送特制的请求获取敏感信息(显示以前请求数据的未初始化的内存内容)。
Severity
中
Patch Name
HAProxy信息泄露漏洞的补丁
Patch Description
HAProxy是一款开源的TCP/HTTP负载均衡服务器。该服务器提供4层、7层代理,并能支持上万级别的连接,具有高效、稳定等特点。
HAProxy的‘buffer_slow_realign’函数存在安全漏洞,由于程序未能正确重组用于存放输出数据的缓冲区。远程攻击者利用该漏洞可通过发送特制的请求获取敏感信息(显示以前请求数据的未初始化的内存内容)。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接: http://www.haproxy.org/news.html
Reference
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3281
http://www.securityfocus.com/bid/75554
Impacted products
| Name | ['HAProxy HAProxy 1.5.x (<1.5.14 )', 'HAProxy HAProxy 1.6-dev'] |
|---|
{
"bids": {
"bid": {
"bidNumber": "75554"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2015-3281"
}
},
"description": "HAProxy\u662f\u4e00\u6b3e\u5f00\u6e90\u7684TCP/HTTP\u8d1f\u8f7d\u5747\u8861\u670d\u52a1\u5668\u3002\u8be5\u670d\u52a1\u5668\u63d0\u4f9b4\u5c42\u30017\u5c42\u4ee3\u7406\uff0c\u5e76\u80fd\u652f\u6301\u4e0a\u4e07\u7ea7\u522b\u7684\u8fde\u63a5\uff0c\u5177\u6709\u9ad8\u6548\u3001\u7a33\u5b9a\u7b49\u7279\u70b9\u3002\r\n\r\nHAProxy\u7684\u2018buffer_slow_realign\u2019\u51fd\u6570\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u7531\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u91cd\u7ec4\u7528\u4e8e\u5b58\u653e\u8f93\u51fa\u6570\u636e\u7684\u7f13\u51b2\u533a\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684\u8bf7\u6c42\u83b7\u53d6\u654f\u611f\u4fe1\u606f\uff08\u663e\u793a\u4ee5\u524d\u8bf7\u6c42\u6570\u636e\u7684\u672a\u521d\u59cb\u5316\u7684\u5185\u5b58\u5185\u5bb9\uff09\u3002",
"discovererName": "Charlie Smurthwaite of aTech Media",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://www.haproxy.org/news.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2015-04442",
"openTime": "2015-07-14",
"patchDescription": "HAProxy\u662f\u4e00\u6b3e\u5f00\u6e90\u7684TCP/HTTP\u8d1f\u8f7d\u5747\u8861\u670d\u52a1\u5668\u3002\u8be5\u670d\u52a1\u5668\u63d0\u4f9b4\u5c42\u30017\u5c42\u4ee3\u7406\uff0c\u5e76\u80fd\u652f\u6301\u4e0a\u4e07\u7ea7\u522b\u7684\u8fde\u63a5\uff0c\u5177\u6709\u9ad8\u6548\u3001\u7a33\u5b9a\u7b49\u7279\u70b9\u3002\r\n\r\nHAProxy\u7684\u2018buffer_slow_realign\u2019\u51fd\u6570\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u7531\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u91cd\u7ec4\u7528\u4e8e\u5b58\u653e\u8f93\u51fa\u6570\u636e\u7684\u7f13\u51b2\u533a\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684\u8bf7\u6c42\u83b7\u53d6\u654f\u611f\u4fe1\u606f\uff08\u663e\u793a\u4ee5\u524d\u8bf7\u6c42\u6570\u636e\u7684\u672a\u521d\u59cb\u5316\u7684\u5185\u5b58\u5185\u5bb9\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "HAProxy\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"HAProxy HAProxy 1.5.x (\u003c1.5.14 )",
"HAProxy HAProxy 1.6-dev"
]
},
"referenceLink": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3281\r\nhttp://www.securityfocus.com/bid/75554",
"serverity": "\u4e2d",
"submitTime": "2015-07-07",
"title": "HAProxy\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}
GHSA-FFG4-HMHR-QR79
Vulnerability from github – Published: 2022-05-14 00:57 – Updated: 2022-05-14 00:57
VLAI?
Details
The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request.
{
"affected": [],
"aliases": [
"CVE-2015-3281"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2015-07-06T15:59:00Z",
"severity": "MODERATE"
},
"details": "The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request.",
"id": "GHSA-ffg4-hmhr-qr79",
"modified": "2022-05-14T00:57:40Z",
"published": "2022-05-14T00:57:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3281"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2015:1741"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2015:2666"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2015-3281"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1239072"
},
{
"type": "WEB",
"url": "http://git.haproxy.org/?p=haproxy-1.5.git%3Ba=commit%3Bh=7ec765568883b2d4e5a2796adbeb492a22ec9bd4"
},
{
"type": "WEB",
"url": "http://git.haproxy.org/?p=haproxy-1.5.git;a=commit;h=7ec765568883b2d4e5a2796adbeb492a22ec9bd4"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00023.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1741.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2666.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2015/dsa-3301"
},
{
"type": "WEB",
"url": "http://www.haproxy.org/news.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/75554"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-2668-1"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…