Vulnerability Name: CVE-2014-6269 (CCN-95836)

Assigned: 2014-08-05
Published: 2014-08-05
Updated: 2014-10-02
Summary: Multiple integer overflows in the http_request_forward_body function in proto_http.c in HAProxy 1.5-dev23 before 1.5.4 allow remote attackers to cause a denial of service (crash) via a large stream of data, which triggers a buffer overflow and an out-of-bounds read.

CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
  Exploitability Metrics:
    Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
  Scope:
    Scope (S): Unchanged
  Impact Metrics:
    Confidentiality (C): Low
    Integrity (I): Low
    Availability (A): Low

CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
  3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
  Exploitability Metrics:
    Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): None
  Impact Metrics:
    Confidentiality (C): None
    Integrity (I): None
    Availability (A): Partial

  7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
  5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
  Exploitability Metrics:
    Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): None
  Impact Metrics:
    Confidentiality (C): Partial
    Integrity (I): Partial
    Availability (A): Partial

  4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
  3.2 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
  Exploitability Metrics:
    Access Vector (AV): Network
    Access Complexity (AC): Medium
    Authentication (Au): None
  Impact Metrics:
    Confidentiality (C): None
    Integrity (I): None
    Availability (A): Partial

Vulnerability Type: CWE-189, CWE-400
Vulnerability Consequences: Gain Access
References:

Source: MLIST
Type: Exploit
[haproxy] 20140805 segfault in http_skip_chunk_crlf after 16G of data has passed through haproxy

Source: MLIST
Type: UNKNOWN
[haproxy] 20140902 [ANNOUNCE] haproxy-1.5.4

Source: MITRE
Type: CNA
CVE-2014-6269

Source: CCN
Type: HAProxy GIT Repository
don't update msg sov once data start to leave the buffer

Source: CONFIRM
Type: UNKNOWN
http://git.haproxy.org/?p=haproxy-1.5.git;a=commitdiff;h=b4d05093bc89f71377230228007e69a1434c1a0c

Source: CCN
Type: RHSA-2014-1292
Moderate: haproxy security update

Source: REDHAT
Type: UNKNOWN
RHSA-2014:1292

Source: CCN
Type: oss-security Mailing List, Tue, 9 Sep 2014 15:02:21 +0200
CVE Request: haproxy read out of bounds

Source: CCN
Type: oss-security Mailing List, Tue, 9 Sep 2014 14:41:24 -0400 (EDT)
Re: CVE Request: haproxy read out of bounds

Source: SECUNIA
Type: UNKNOWN
59936

Source: SECUNIA
Type: UNKNOWN
61507

Source: MLIST
Type: UNKNOWN
[oss-security] 20140909 Re: CVE Request: haproxy read out of bounds

Source: CCN
Type: BID-69690
HAProxy Multiple Buffer Overflow Vulnerabilities

Source: XF
Type: UNKNOWN
haproxy-cve20146269-bo(95836)

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-6269

Vulnerable Configuration:

Configuration 1:
  • cpe:/a:haproxy:haproxy:1.5:dev23:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev24:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev25:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5:dev26:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:haproxy:haproxy:1.5.3:*:*:*:*:*:*:*

Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:haproxy:haproxy:1.5:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_workstation:7:*:*:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions:

Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:20146269 | V | CVE-2014-6269 | 2022-09-02
oval:org.opensuse.security:def:6345 | P | Security update for icu (Moderate) (in QA) | 2022-08-22
oval:org.opensuse.security:def:5 | P | apache2-2.4.43-3.17.1 on GA media (Moderate) | 2022-06-13
oval:org.opensuse.security:def:6334 | P | Security update for glib2 (Low) | 2022-05-19
oval:org.opensuse.security:def:6323 | P | Security update for yaml-cpp (Moderate) | 2022-04-01
oval:org.opensuse.security:def:6293 | P | Security update for virglrenderer (Important) (in QA) | 2022-01-17
oval:org.opensuse.security:def:112391 | P | haproxy-1.7.0-1.1 on GA media (Moderate) | 2022-01-17
oval:org.opensuse.security:def:6304 | P | Security update for clamav-database (Important) | 2022-01-17
oval:org.opensuse.security:def:6291 | P | Security update for MozillaFirefox (Important) (in QA) | 2022-01-14
oval:org.opensuse.security:def:6359 | P | Security update for the Linux Kernel (Important) | 2022-01-13
oval:org.opensuse.security:def:6301 | P | Security update for openexr (Important) | 2022-01-12
oval:org.opensuse.security:def:6283 | P | Security update for gegl (Important) | 2021-12-31
oval:org.opensuse.security:def:6312 | P | Security update for gegl (Important) | 2021-12-28
oval:org.opensuse.security:def:7296 | P | Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP3) (Important) | 2021-12-14
oval:org.opensuse.security:def:6461 | P | Security update for java-1_8_0-openjdk (Important) | 2021-11-23
oval:org.opensuse.security:def:7285 | P | Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP3) (Important) | 2021-11-19
oval:org.opensuse.security:def:7274 | P | Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP3) (Important) | 2021-10-12
oval:org.opensuse.security:def:105901 | P | haproxy-1.7.0-1.1 on GA media (Moderate) | 2021-10-01
oval:org.opensuse.security:def:7264 | P | Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3) (Important) | 2021-09-16
oval:org.opensuse.security:def:6453 | P | Security update for java-1_8_0-openjdk (Important) | 2021-08-20
oval:org.opensuse.security:def:7263 | P | Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3) (Important) | 2021-08-17
oval:org.opensuse.security:def:55228 | P | Security update for djvulibre (Important) | 2021-08-05
oval:org.opensuse.security:def:5083 | P | Security update for php72 (Moderate) | 2021-07-29
oval:org.opensuse.security:def:7252 | P | Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3) (Important) | 2021-07-16
oval:org.opensuse.security:def:6450 | P | Security update for the Linux Kernel (Important) | 2021-07-14
oval:org.opensuse.security:def:5070 | P | Security update for zziplib (Moderate) | 2021-06-25
oval:org.opensuse.security:def:5743 | P | Security update for postgresql12 (Moderate) | 2021-06-17
oval:org.opensuse.security:def:6472 | P | Security update for postgresql12 (Moderate) | 2021-06-17
oval:org.opensuse.security:def:5061 | P | Security update for freeradius-server (Moderate) | 2021-06-11
oval:org.opensuse.security:def:12772 | P | haproxy-1.6.5-5.9 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:123988 | P | haproxy-1.6.11-10.2 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:12782 | P | haproxy-1.6.11-10.2 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:55911 | P | Security update for spice (Important) | 2021-06-08
oval:org.opensuse.security:def:12793 | P | haproxy-1.6.11-10.2 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:5052 | P | Security update for polkit (Important) | 2021-06-03
oval:org.opensuse.security:def:5019 | P | Security update for sudo (Important) | 2021-04-20
oval:org.opensuse.security:def:5721 | P | Security update for openexr (Moderate) | 2021-04-07
oval:org.opensuse.security:def:7242 | P | Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP2) (Important) | 2021-03-17
oval:org.opensuse.security:def:6315 | P | Security update for avahi (Moderate) | 2021-02-23
oval:org.opensuse.security:def:6313 | P | Security update for python (Important) | 2021-02-11
oval:org.opensuse.security:def:6442 | P | Security update for java-1_8_0-ibm (Moderate) | 2020-12-23
oval:org.opensuse.security:def:6416 | P | Security update for openssl-1_0_0 (Important) | 2020-12-11
oval:org.opensuse.security:def:6440 | P | Security update for the Linux Kernel (Important) | 2020-12-10
oval:org.opensuse.security:def:11251 | P | haproxy-1.5.4-1.10 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:12804 | P | haproxy-1.6.11-10.2 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:4770 | P | Security update for qemu (Important) | 2020-12-02
oval:org.opensuse.security:def:4838 | P | Security update for mariadb, mariadb-connector-c (Important) | 2020-12-02
oval:org.opensuse.security:def:4919 | P | Security update for salt (Moderate) | 2020-12-02
oval:org.opensuse.security:def:4900 | P | Security update for bind (Moderate) | 2020-12-02
oval:org.opensuse.security:def:4792 | P | Security update for dovecot23 (Important) | 2020-12-02
oval:org.opensuse.security:def:4762 | P | Security update for apache2-mod_jk (Important) | 2020-12-02
oval:org.opensuse.security:def:4885 | P | Security update for grub2 (Important) | 2020-12-02
oval:org.opensuse.security:def:4994 | P | Security update for nodejs8 (Important) | 2020-12-02
oval:org.opensuse.security:def:6547 | P | ImageMagick on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56508 | P | Security update for gdk-pixbuf (Low) | 2020-12-01
oval:org.opensuse.security:def:6431 | P | libsmi on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6614 | P | glibc on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6406 | P | libmysqlclient18 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6594 | P | empathy on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6550 | P | aaa_base on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6515 | P | sysvinit-tools on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6636 | P | hplip on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6601 | P | finch on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:55639 | P | Security update for strongswan (Important) | 2020-12-01
oval:org.opensuse.security:def:6582 | P | dbus-1 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6391 | P | libjbig2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56196 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:56470 | P | Security update for xen (Important) | 2020-12-01
oval:org.opensuse.security:def:6605 | P | fuse on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6561 | P | bind-libs-32bit on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:55088 | P | cyrus-sasl on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6525 | P | vorbis-tools on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56589 | P | Security update for curl (Moderate) | 2020-12-01
oval:org.opensuse.security:def:55065 | P | bash on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6612 | P | gimp on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6592 | P | elfutils on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:55466 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:6573 | P | cracklib on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6604 | P | ft2demos on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6427 | P | libraw9 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56396 | P | Security update for wireshark (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6369 | P | libdmx1 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6572 | P | cpp48 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6536 | P | xinetd on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:55066 | P | bind-utils on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6623 | P | grub2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6421 | P | libproxy1 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6603 | P | freerdp on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6583 | P | dbus-1-glib on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6540 | P | xorg-x11-server on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6625 | P | gstreamer-0_10-plugins-bad on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:55745 | P | Security update for grub2 (Important) | 2020-12-01
oval:org.opensuse.security:def:6591 | P | ecryptfs-utils on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6438 | P | libsrtp1 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:6380 | P | libgnomesu on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56304 | P | Security update for libtirpc (Important) | 2020-12-01
oval:org.mitre.oval:def:26516 | P | ELSA-2014-1292 -- haproxy security update (Moderate) | 2014-11-17
oval:org.mitre.oval:def:26636 | P | RHSA-2014:1292: haproxy security update (Moderate) | 2014-11-10
oval:com.ubuntu.precise:def:20146269000 | V | CVE-2014-6269 on Ubuntu 12.04 LTS (precise) - medium. | 2014-09-30
oval:com.ubuntu.trusty:def:20146269000 | V | CVE-2014-6269 on Ubuntu 14.04 LTS (trusty) - medium. | 2014-09-30
oval:com.redhat.rhsa:def:20141292 | P | RHSA-2014:1292: haproxy security update (Moderate) | 2014-09-24