CVE-2013-2175

NONECVSS 0.0

0.0

HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote attackers to cause a denial of service (negative array index usage and crash) via an HTTP header with a certain number of values, related to the MAX_HDR_HISTORY variable.

🔗 References (14)

secalert@redhathttp://marc.info/?l=haproxy&m=137147915029705&w=2
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2013-1120.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2013-1204.html
secalert@redhathttp://secunia.com/advisories/54344
secalert@redhathttp://www.debian.org/security/2013/dsa-2711
secalert@redhathttp://www.ubuntu.com/usn/USN-1889-1
secalert@redhathttps://bugzilla.redhat.com/show_bug.cgi?id=974259
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=haproxy&m=137147915029705&w=2
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-1120.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-1204.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/54344
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2013/dsa-2711
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-1889-1
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=974259

Is Your Infrastructure Affected by CVE-2013-2175?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2013-2175

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2013-2175?