Vulnerability Name:

CVE-2013-2175 (CCN-85020)

Assigned:2013-06-17
Published:2013-06-17
Updated:2016-12-07
Summary:HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote attackers to cause a denial of service (negative array index usage and crash) via an HTTP header with a certain number of values, related to the MAX_HDR_HISTORY variable.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availability (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
5.0 Medium (REDHAT CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
Vulnerability Type:CWE-284
CWE-20
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2013-2175

Source: CCN
Type: HAProxy Web site
HAProxy - The Reliable, High Performance TCP/HTTP Load Balancer

Source: MLIST
Type: Patch, Third Party Advisory
[haproxy] 20130617 [ANNOUNCE] haproxy-1.5-dev19 and 1.4.24 (security update)

Source: CCN
Type: RHSA-2013-1120
Moderate: haproxy security update

Source: REDHAT
Type: Third Party Advisory
RHSA-2013:1120

Source: CCN
Type: RHSA-2013-1204
Moderate: haproxy security update

Source: REDHAT
Type: Third Party Advisory
RHSA-2013:1204

Source: CCN
Type: SA53803
HAProxy Negative Occurrence Count Denial of Service Vulnerability

Source: SECUNIA
Type: UNKNOWN
54344

Source: DEBIAN
Type: Third Party Advisory
DSA-2711

Source: DEBIAN
Type: DSA-2711
haproxy -- several vulnerabilities

Source: CCN
Type: oss-sec Mailing List: Tue, 18 Jun 2013
CVE-2013-2175 : haproxy may crash when using header occurrences relative to the tail

Source: CCN
Type: BID-60588
HAProxy CVE-2013-2175 Multiple Denial of Service Vulnerabilities

Source: UBUNTU
Type: Third Party Advisory
USN-1889-1

Source: MISC
Type: Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=974259

Source: XF
Type: UNKNOWN
haproxy-cve20132175-dos(85020)

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2013-2175

Vulnerable Configuration:
Configuration 1:
  • cpe:/o:debian:debian_linux:6.0:*:*:*:*:*:*:*

Configuration 2:
  • cpe:/o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*

Configuration 3:
  • cpe:/a:redhat:enterprise_linux_load_balancer:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:enterprise_linux_load_balancer:6.4:*:*:*:*:*:*:*

Configuration 4:
  • cpe:/a:haproxy:haproxy:1.4:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.8:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.9:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.10:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.11:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.12:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.13:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.14:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.15:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.16:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.17:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.18:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.19:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.20:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.21:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.22:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.4.23:*:*:*:*:*:*:*

Configuration 5:
  • cpe:/a:haproxy:haproxy:1.5:dev:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev0:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev1:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev2:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev3:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev4:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev5:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev6:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev7:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev8:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev9:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev10:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev11:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev12:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev13:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev14:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev15:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev16:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev17:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev18:*:*:*:*:*:*

Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:haproxy:haproxy:1.4.22:*:*:*:*:*:*:*
  • AND cpe:/a:haproxy:haproxy:1.4.23:*:*:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:20132175 | V | CVE-2013-2175 | 2022-09-02
oval:org.opensuse.security:def:6345 | P | Security update for icu (Moderate) (in QA) | 2022-08-22
oval:org.opensuse.security:def:5 | P | apache2-2.4.43-3.17.1 on GA media (Moderate) | 2022-06-13
oval:org.opensuse.security:def:6334 | P | Security update for glib2 (Low) | 2022-05-19
oval:org.opensuse.security:def:6323 | P | Security update for yaml-cpp (Moderate) | 2022-04-01
oval:org.opensuse.security:def:6293 | P | Security update for virglrenderer (Important) (in QA) | 2022-01-17
oval:org.opensuse.security:def:112391 | P | haproxy-1.7.0-1.1 on GA media (Moderate) | 2022-01-17
oval:org.opensuse.security:def:6304 | P | Security update for clamav-database (Important) | 2022-01-17
oval:org.opensuse.security:def:6291 | P | Security update for MozillaFirefox (Important) (in QA) | 2022-01-14
oval:org.opensuse.security:def:6359 | P | Security update for the Linux Kernel (Important) | 2022-01-13
oval:org.opensuse.security:def:6301 | P | Security update for openexr (Important) | 2022-01-12
oval:org.opensuse.security:def:6283 | P | Security update for gegl (Important) | 2021-12-31
oval:org.opensuse.security:def:6312 | P | Security update for gegl (Important) | 2021-12-28
oval:org.opensuse.security:def:7296 | P | Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP3) (Important) | 2021-12-14
oval:org.opensuse.security:def:6461 | P | Security update for java-1_8_0-openjdk (Important) | 2021-11-23
oval:org.opensuse.security:def:7285 | P | Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP3) (Important) | 2021-11-19
oval:org.opensuse.security:def:7274 | P | Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP3) (Important) | 2021-10-12
oval:org.opensuse.security:def:105901 | P | haproxy-1.7.0-1.1 on GA media (Moderate) | 2021-10-01
oval:org.opensuse.security:def:7264 | P | Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3) (Important) | 2021-09-16
oval:org.opensuse.security:def:6453 | P | Security update for java-1_8_0-openjdk (Important) | 2021-08-20
oval:org.opensuse.security:def:7263 | P | Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3) (Important) | 2021-08-17
oval:org.opensuse.security:def:55228 | P | Security update for djvulibre (Important) | 2021-08-05
oval:org.opensuse.security:def:5083 | P | Security update for php72 (Moderate) | 2021-07-29
oval:org.opensuse.security:def:7252 | P | Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3) (Important) | 2021-07-16
oval:org.opensuse.security:def:6450 | P | Security update for the Linux Kernel (Important) | 2021-07-14
oval:org.opensuse.security:def:5070 | P | Security update for zziplib (Moderate) | 2021-06-25
oval:org.opensuse.security:def:5743 | P | Security update for postgresql12 (Moderate) | 2021-06-17
oval:org.opensuse.security:def:6472 | P | Security update for postgresql12 (Moderate) | 2021-06-17
oval:org.opensuse.security:def:5061 | P | Security update for freeradius-server (Moderate) | 2021-06-11
oval:org.opensuse.security:def:12772 | P | haproxy-1.6.5-5.9 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:123988 | P | haproxy-1.6.11-10.2 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:12782 | P | haproxy-1.6.11-10.2 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:55911 | P | Security update for spice (Important) | 2021-06-08
oval:org.opensuse.security:def:12793 | P | haproxy-1.6.11-10.2 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:5052 | P | Security update for polkit (Important) | 2021-06-03
oval:org.opensuse.security:def:5019 | P | Security update for sudo (Important) | 2021-04-20
oval:org.opensuse.security:def:5721 | P | Security update for openexr (Moderate) | 2021-04-07
oval:org.opensuse.security:def:7242 | P | Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP2) (Important) | 2021-03-17
oval:org.opensuse.security:def:6315 | P | Security update for avahi (Moderate) | 2021-02-23
oval:org.opensuse.security:def:6313 | P | Security update for python (Important) | 2021-02-11
oval:org.opensuse.security:def:6442 | P | Security update for java-1_8_0-ibm (Moderate) | 2020-12-23
oval:org.opensuse.security:def:6416 | P | Security update for openssl-1_0_0 (Important) | 2020-12-11
oval:org.opensuse.security:def:6440 | P | Security update for the Linux Kernel (Important) | 2020-12-10
oval:org.opensuse.security:def:11251 | P | haproxy-1.5.4-1.10 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:12804 | P | haproxy-1.6.11-10.2 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:4792 | P | Security update for dovecot23 (Important) | 2020-12-02
oval:org.opensuse.security:def:4762 | P | Security update for apache2-mod_jk (Important) | 2020-12-02
oval:org.opensuse.security:def:4885 | P | Security update for grub2 (Important) | 2020-12-02
oval:org.opensuse.security:def:4994 | P | Security update for nodejs8 (Important) | 2020-12-02
oval:org.opensuse.security:def:4770 | P | Security update for qemu (Important) | 2020-12-02
oval:org.opensuse.security:def:4838 | P | Security update for mariadb, mariadb-connector-c (Important) | 2020-12-02
oval:org.opensuse.security:def:4919 | P | Security update for salt (Moderate) | 2020-12-02
oval:org.opensuse.security:def:4900 | P | Security update for bind (Moderate) | 2020-12-02
oval:org.opensuse.security:def:6536 | P | xinetd on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:55066 | P | bind-utils on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6623 | P | grub2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6421 | P | libproxy1 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6603 | P | freerdp on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6583 | P | dbus-1-glib on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6540 | P | xorg-x11-server on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6625 | P | gstreamer-0_10-plugins-bad on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:55745 | P | Security update for grub2 (Important) | 2020-12-01
oval:org.opensuse.security:def:6591 | P | ecryptfs-utils on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6438 | P | libsrtp1 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6380 | P | libgnomesu on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56304 | P | Security update for libtirpc (Important) | 2020-12-01
oval:org.opensuse.security:def:6547 | P | ImageMagick on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56508 | P | Security update for gdk-pixbuf (Low) | 2020-12-01
oval:org.opensuse.security:def:6431 | P | libsmi on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6614 | P | glibc on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6406 | P | libmysqlclient18 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6594 | P | empathy on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6550 | P | aaa_base on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6515 | P | sysvinit-tools on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6636 | P | hplip on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6601 | P | finch on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:55639 | P | Security update for strongswan (Important) | 2020-12-01
oval:org.opensuse.security:def:6582 | P | dbus-1 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6391 | P | libjbig2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56196 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:56470 | P | Security update for xen (Important) | 2020-12-01
oval:org.opensuse.security:def:6605 | P | fuse on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6561 | P | bind-libs-32bit on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:55088 | P | cyrus-sasl on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6525 | P | vorbis-tools on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56589 | P | Security update for curl (Moderate) | 2020-12-01
oval:org.opensuse.security:def:55065 | P | bash on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6612 | P | gimp on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6592 | P | elfutils on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:55466 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:6573 | P | cracklib on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6604 | P | ft2demos on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6427 | P | libraw9 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56396 | P | Security update for wireshark (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6369 | P | libdmx1 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6572 | P | cpp48 on GA media (Moderate) | 2020-12-01
oval:org.mitre.oval:def:17239 | P | USN-1889-1 -- HAProxy vulnerability | 2014-06-30
oval:org.mitre.oval:def:18206 | P | DSA-2711-1 haproxy - several | 2014-06-23
oval:org.mitre.oval:def:23520 | P | ELSA-2013:1120: haproxy security update (Moderate) | 2014-05-26
oval:org.mitre.oval:def:20842 | P | RHSA-2013:1120: haproxy security update (Moderate) | 2014-02-17
oval:com.ubuntu.precise:def:20132175000 | V | CVE-2013-2175 on Ubuntu 12.04 LTS (precise) - medium. | 2013-08-19
oval:com.redhat.rhsa:def:20131120 | P | RHSA-2013:1120: haproxy security update (Moderate) | 2013-07-30