Your submission was sent successfully! Close

CVE-2012-2942

Published: 27 May 2012

Buffer overflow in the trash buffer in the header capture functionality in HAProxy before 1.4.21, when global.tune.bufsize is set to a value greater than the default and header rewriting is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors.

Notes

AuthorNote
mdeslaur
CVE-2012-2391 was a duplicate of this CVE and got rejected.
Priority

Low

Status

Package Release Status
haproxy
Launchpad, Ubuntu, Debian
hardy Ignored
(reached end-of-life)
lucid Ignored
(reached end-of-life)
natty Ignored
(reached end-of-life)
oneiric
Released (1.4.15-1ubuntu0.1)
precise
Released (1.4.18-0ubuntu1.1)
quantal
Released (1.4.18-0ubuntu2.1)
raring
Released (1.4.18-0ubuntu3)
upstream
Released (1.4.21)
Patches:
upstream: http://haproxy.1wt.eu/git?p=haproxy-1.4.git;a=commit;h=30297cb17147a8d339eb160226bcc08c91d9530b
This vulnerability is mitigated in part by the use of gcc's stack protector in Ubuntu.