CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
93.3%
CentOS Errata and Security Advisory CESA-2014:1292
HAProxy provides high availability, load balancing, and proxying for TCP
and HTTP-based applications.
A buffer overflow flaw was discovered in the way HAProxy handled, under
very specific conditions, data uploaded from a client. A remote attacker
could possibly use this flaw to crash HAProxy. (CVE-2014-6269)
All haproxy users are advised to upgrade to this updated package, which
contains a backported patch to correct this issue.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2014-September/082746.html
Affected packages:
haproxy
Upstream details at:
https://access.redhat.com/errata/RHSA-2014:1292
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 7 | x86_64 | haproxy | < 1.5.2-3.el7_0 | haproxy-1.5.2-3.el7_0.x86_64.rpm |