Vulnerability CVE-2014-6269

Vulnerability Name:

CVE-2014-6269 (CCN-95836)

Assigned:

2014-08-05

Published:

2014-08-05

Updated:

2014-10-02

Summary:

Multiple integer overflows in the http_request_forward_body function in proto_http.c in HAProxy 1.5-dev23 before 1.5.4 allow remote attackers to cause a denial of service (crash) via a large stream of data, which triggers a buffer overflow and an out-of-bounds read.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-189
CWE-400

Vulnerability Consequences:

Gain Access

References:

Source: MLIST
Type: Exploit
[haproxy] 20140805 segfault in http_skip_chunk_crlf after 16G of data has passed through haproxy

Source: MLIST
Type: UNKNOWN
[haproxy] 20140902 [ANNOUNCE] haproxy-1.5.4

Source: MITRE
Type: CNA
CVE-2014-6269

Source: CCN
Type: HAProxy GIT Repository
don't update msg sov once data start to leave the buffer

Source: CONFIRM
Type: UNKNOWN
http://git.haproxy.org/?p=haproxy-1.5.git;a=commitdiff;h=b4d05093bc89f71377230228007e69a1434c1a0c

Source: CCN
Type: RHSA-2014-1292
Moderate: haproxy security update

Source: REDHAT
Type: UNKNOWN
RHSA-2014:1292

Source: CCN
Type: oss-security Mailing List, Tue, 9 Sep 2014 15:02:21 +0200
CVE Request: haproxy read out of bounds

Source: CCN
Type: oss-security Mailing List, Tue, 9 Sep 2014 14:41:24 -0400 (EDT)
Re: CVE Request: haproxy read out of bounds

Source: SECUNIA
Type: UNKNOWN
59936

Source: SECUNIA
Type: UNKNOWN
61507

Source: MLIST
Type: UNKNOWN
[oss-security] 20140909 Re: CVE Request: haproxy read out of bounds

Source: CCN
Type: BID-69690
HAProxy Multiple Buffer Overflow Vulnerabilities

Source: XF
Type: UNKNOWN
haproxy-cve20146269-bo(95836)

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-6269

Vulnerable Configuration:

Configuration 1:

cpe:/a:haproxy:haproxy:1.5:dev23:*:*:*:*:*:*

OR cpe:/a:haproxy:haproxy:1.5:dev24:*:*:*:*:*:*

OR cpe:/a:haproxy:haproxy:1.5:dev25:*:*:*:*:*:*

OR cpe:/a:haproxy:haproxy:1.5:dev26:*:*:*:*:*:*

OR cpe:/a:haproxy:haproxy:1.5.0:*:*:*:*:*:*:*

OR cpe:/a:haproxy:haproxy:1.5.1:*:*:*:*:*:*:*

OR cpe:/a:haproxy:haproxy:1.5.2:*:*:*:*:*:*:*

OR cpe:/a:haproxy:haproxy:1.5.3:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration CCN 1:

cpe:/a:haproxy:haproxy:1.5:*:*:*:*:*:*:*

AND

cpe:/o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_workstation:7:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20146269	V	CVE-2014-6269	2022-09-02
oval:org.opensuse.security:def:6345	P	Security update for icu (Moderate) (in QA)	2022-08-22
oval:org.opensuse.security:def:5	P	apache2-2.4.43-3.17.1 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:6334	P	Security update for glib2 (Low)	2022-05-19
oval:org.opensuse.security:def:6323	P	Security update for yaml-cpp (Moderate)	2022-04-01
oval:org.opensuse.security:def:6293	P	Security update for virglrenderer (Important) (in QA)	2022-01-17
oval:org.opensuse.security:def:112391	P	haproxy-1.7.0-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:6304	P	Security update for clamav-database (Important)	2022-01-17
oval:org.opensuse.security:def:6291	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:6359	P	Security update for the Linux Kernel (Important)	2022-01-13
oval:org.opensuse.security:def:6301	P	Security update for openexr (Important)	2022-01-12
oval:org.opensuse.security:def:6283	P	Security update for gegl (Important)	2021-12-31
oval:org.opensuse.security:def:6312	P	Security update for gegl (Important)	2021-12-28
oval:org.opensuse.security:def:7296	P	Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP3) (Important)	2021-12-14
oval:org.opensuse.security:def:6461	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:7285	P	Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP3) (Important)	2021-11-19
oval:org.opensuse.security:def:7274	P	Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP3) (Important)	2021-10-12
oval:org.opensuse.security:def:105901	P	haproxy-1.7.0-1.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:7264	P	Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3) (Important)	2021-09-16
oval:org.opensuse.security:def:6453	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:7263	P	Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3) (Important)	2021-08-17
oval:org.opensuse.security:def:55228	P	Security update for djvulibre (Important)	2021-08-05
oval:org.opensuse.security:def:5083	P	Security update for php72 (Moderate)	2021-07-29
oval:org.opensuse.security:def:7252	P	Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3) (Important)	2021-07-16
oval:org.opensuse.security:def:6450	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:5070	P	Security update for zziplib (Moderate)	2021-06-25
oval:org.opensuse.security:def:5743	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:6472	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:5061	P	Security update for freeradius-server (Moderate)	2021-06-11
oval:org.opensuse.security:def:12772	P	haproxy-1.6.5-5.9 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:123988	P	haproxy-1.6.11-10.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12782	P	haproxy-1.6.11-10.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:55911	P	Security update for spice (Important)	2021-06-08
oval:org.opensuse.security:def:12793	P	haproxy-1.6.11-10.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:5052	P	Security update for polkit (Important)	2021-06-03
oval:org.opensuse.security:def:5019	P	Security update for sudo (Important)	2021-04-20
oval:org.opensuse.security:def:5721	P	Security update for openexr (Moderate)	2021-04-07
oval:org.opensuse.security:def:7242	P	Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP2) (Important)	2021-03-17
oval:org.opensuse.security:def:6315	P	Security update for avahi (Moderate)	2021-02-23
oval:org.opensuse.security:def:6313	P	Security update for python (Important)	2021-02-11
oval:org.opensuse.security:def:6442	P	Security update for java-1_8_0-ibm (Moderate)	2020-12-23
oval:org.opensuse.security:def:6416	P	Security update for openssl-1_0_0 (Important)	2020-12-11
oval:org.opensuse.security:def:6440	P	Security update for the Linux Kernel (Important)	2020-12-10
oval:org.opensuse.security:def:11251	P	haproxy-1.5.4-1.10 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12804	P	haproxy-1.6.11-10.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4770	P	Security update for qemu (Important)	2020-12-02
oval:org.opensuse.security:def:4838	P	Security update for mariadb, mariadb-connector-c (Important)	2020-12-02
oval:org.opensuse.security:def:4919	P	Security update for salt (Moderate)	2020-12-02
oval:org.opensuse.security:def:4900	P	Security update for bind (Moderate)	2020-12-02
oval:org.opensuse.security:def:4792	P	Security update for dovecot23 (Important)	2020-12-02
oval:org.opensuse.security:def:4762	P	Security update for apache2-mod_jk (Important)	2020-12-02
oval:org.opensuse.security:def:4885	P	Security update for grub2 (Important)	2020-12-02
oval:org.opensuse.security:def:4994	P	Security update for nodejs8 (Important)	2020-12-02
oval:org.opensuse.security:def:6547	P	ImageMagick on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56508	P	Security update for gdk-pixbuf (Low)	2020-12-01
oval:org.opensuse.security:def:6431	P	libsmi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6614	P	glibc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6406	P	libmysqlclient18 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6594	P	empathy on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6550	P	aaa_base on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6515	P	sysvinit-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6636	P	hplip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6601	P	finch on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55639	P	Security update for strongswan (Important)	2020-12-01
oval:org.opensuse.security:def:6582	P	dbus-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6391	P	libjbig2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56196	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:56470	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:6605	P	fuse on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6561	P	bind-libs-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55088	P	cyrus-sasl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6525	P	vorbis-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56589	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:55065	P	bash on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6612	P	gimp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6592	P	elfutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55466	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:6573	P	cracklib on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6604	P	ft2demos on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6427	P	libraw9 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56396	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:6369	P	libdmx1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6572	P	cpp48 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6536	P	xinetd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55066	P	bind-utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6623	P	grub2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6421	P	libproxy1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6603	P	freerdp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6583	P	dbus-1-glib on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6540	P	xorg-x11-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6625	P	gstreamer-0_10-plugins-bad on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55745	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:6591	P	ecryptfs-utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6438	P	libsrtp1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6380	P	libgnomesu on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56304	P	Security update for libtirpc (Important)	2020-12-01
oval:org.mitre.oval:def:26516	P	ELSA-2014-1292 -- haproxy security update (Moderate)	2014-11-17
oval:org.mitre.oval:def:26636	P	RHSA-2014:1292: haproxy security update (Moderate)	2014-11-10
oval:com.ubuntu.precise:def:20146269000	V	CVE-2014-6269 on Ubuntu 12.04 LTS (precise) - medium.	2014-09-30
oval:com.ubuntu.trusty:def:20146269000	V	CVE-2014-6269 on Ubuntu 14.04 LTS (trusty) - medium.	2014-09-30
oval:com.redhat.rhsa:def:20141292	P	RHSA-2014:1292: haproxy security update (Moderate)	2014-09-24

BACK