Vulnerability Details CVE-2015-3281
The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.9%
CVSS Severity
CVSS v2 Score 5.0
References
- http://git.haproxy.org/?p=haproxy-1.5.git%3Ba=commit%3Bh=7ec765568883b2d4e5a2796adbeb492a22ec9bd4
- http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00023.html
- http://rhn.redhat.com/errata/RHSA-2015-1741.html
- http://rhn.redhat.com/errata/RHSA-2015-2666.html
- http://www.debian.org/security/2015/dsa-3301
- http://www.haproxy.org/news.html
- http://www.securityfocus.com/bid/75554
- http://www.ubuntu.com/usn/USN-2668-1
- http://git.haproxy.org/?p=haproxy-1.5.git%3Ba=commit%3Bh=7ec765568883b2d4e5a2796adbeb492a22ec9bd4
- http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00023.html
- http://rhn.redhat.com/errata/RHSA-2015-1741.html
- http://rhn.redhat.com/errata/RHSA-2015-2666.html
- http://www.debian.org/security/2015/dsa-3301
- http://www.haproxy.org/news.html
- http://www.securityfocus.com/bid/75554
- http://www.ubuntu.com/usn/USN-2668-1
Products affected by CVE-2015-3281
-
cpe:2.3:a:haproxy:haproxy:1.5
-
cpe:2.3:a:haproxy:haproxy:1.5.0
-
cpe:2.3:a:haproxy:haproxy:1.5.1
-
cpe:2.3:a:haproxy:haproxy:1.5.10
-
cpe:2.3:a:haproxy:haproxy:1.5.11
-
cpe:2.3:a:haproxy:haproxy:1.5.12
-
cpe:2.3:a:haproxy:haproxy:1.5.13
-
cpe:2.3:a:haproxy:haproxy:1.5.2
-
cpe:2.3:a:haproxy:haproxy:1.5.3
-
cpe:2.3:a:haproxy:haproxy:1.5.4
-
cpe:2.3:a:haproxy:haproxy:1.5.5
-
cpe:2.3:a:haproxy:haproxy:1.5.6
-
cpe:2.3:a:haproxy:haproxy:1.5.7
-
cpe:2.3:a:haproxy:haproxy:1.5.8
-
cpe:2.3:a:haproxy:haproxy:1.5.9
-
cpe:2.3:a:haproxy:haproxy:1.6
-
cpe:2.3:o:canonical:ubuntu_linux:14.10
-
cpe:2.3:o:canonical:ubuntu_linux:15.04
-
cpe:2.3:o:debian:debian_linux:8.0
-
cpe:2.3:o:opensuse:openstack_cloud:5
-
cpe:2.3:o:opensuse:opensuse:13.2
-
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
-
cpe:2.3:o:redhat:enterprise_linux_server:7.0
-
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3
-
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4
-
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6
-
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1
-
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2
-
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3
-
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4
-
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5
-
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6
-
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3
-
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6
-
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0
-
cpe:2.3:o:suse:linux_enterprise_high_availability_extension:12