CVE-2013-2175: Improper Input Validation in HAProxy

Severity: 5.0 MEDIUM (NVD)
EPSS: 0.1% (top 77.28%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Aug 19; Latest update May 17

Description

HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote attackers to cause a denial of service (negative array index usage and crash) via an HTTP header with a certain number of values, related to the MAX_HDR_HISTORY variable.
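The description is compact, so the following added example (not HAProxy's source and not from this page) models the failure mode in C. The "hdr_*" fetches take an occurrence count: a positive value picks the Nth occurrence of a header, a negative value such as `hdr_ip(X-Forwarded-For,-1)` picks the Nth from the end. To serve negative counts the proxy keeps the last MAX_HDR_HISTORY values in a ring and then steps back from the write position. In the model below the ring size (10), the field names and the concrete mechanism (a negative count added to an unsigned slot index that wraps instead of going negative) are assumptions chosen to reproduce the advisory's symptom: an out-of-range index that only appears for a certain number of header values. The hardened variant rejects requests deeper than the ring and biases the index before the subtraction. The sample header values are constructed.

```c
#include <stdio.h>
#include <string.h>

#define MAX_HDR_HISTORY 10   /* assumed ring size for the last-N values */

/* Ring of the last MAX_HDR_HISTORY values seen for one header name.
 * Struct and field names are ours, not HAProxy's. */
struct hdr_hist {
    const char *ptr[MAX_HDR_HISTORY];
    unsigned int next;   /* next write slot, wraps at MAX_HDR_HISTORY */
    int found;           /* total occurrences seen in the request */
};

/* Model of the header-walking loop: every occurrence is pushed into the
 * ring, so after the loop slot (next-1) holds the last value seen. */
static void hist_fill(struct hdr_hist *h, const char **values, int n)
{
    h->next = 0;
    h->found = 0;
    for (int i = 0; i < n; i++) {
        h->ptr[h->next] = values[i];
        if (++h->next >= MAX_HDR_HISTORY)
            h->next = 0;
        h->found++;
    }
}

/* Vulnerable slot selection for a negative count occ (-1 = last value).
 * Adding a negative occ to an unsigned index wraps to a huge value, and
 * one "subtract MAX" correction cannot bring it back in range.  This only
 * misfires when next < -occ, e.g. for occ == -1 whenever the number of
 * values is a multiple of MAX_HDR_HISTORY: the "certain number of values"
 * of the advisory.  The slot is returned, not dereferenced, so the
 * out-of-range index can be observed without crashing. */
static long long slot_buggy(const struct hdr_hist *h, int occ)
{
    unsigned int hist_ptr = h->next;

    if (-occ > h->found)
        return -1;                     /* fewer values than requested */
    hist_ptr += occ;                   /* wraps when h->next < -occ */
    if (hist_ptr >= MAX_HDR_HISTORY)
        hist_ptr -= MAX_HDR_HISTORY;   /* one subtraction is not enough */
    return (long long)hist_ptr;
}

/* Hardened version: refuse counts deeper than the ring can hold, and bias
 * the index by MAX_HDR_HISTORY before adding occ so the intermediate value
 * stays in [0, 2*MAX_HDR_HISTORY) and one wrap correction always works. */
static long long slot_fixed(const struct hdr_hist *h, int occ)
{
    unsigned int hist_ptr = h->next;

    if (occ >= 0 || -occ > h->found || -occ > MAX_HDR_HISTORY)
        return -1;
    hist_ptr += occ + MAX_HDR_HISTORY;
    if (hist_ptr >= MAX_HDR_HISTORY)
        hist_ptr -= MAX_HDR_HISTORY;
    return (long long)hist_ptr;
}

/* Constructed sample: n synthetic X-Forwarded-For values 10.0.0.1 ..
 * 10.0.0.n, as if a client sent the header n times (n <= 32). */
static char pool[32][16];

static void fill_synthetic(struct hdr_hist *h, int n)
{
    const char *vals[32];

    if (n > 32)
        n = 32;
    for (int i = 0; i < n; i++) {
        snprintf(pool[i], sizeof pool[i], "10.0.0.%d", i + 1);
        vals[i] = pool[i];
    }
    hist_fill(h, vals, n);
}

/* Slot the vulnerable / fixed code would read for n values and count occ. */
long long buggy_slot_for(int n, int occ)
{
    struct hdr_hist h;
    fill_synthetic(&h, n);
    return slot_buggy(&h, occ);
}

long long fixed_slot_for(int n, int occ)
{
    struct hdr_hist h;
    fill_synthetic(&h, n);
    return slot_fixed(&h, occ);
}

/* Value the fixed code returns, or NULL when the request is rejected. */
const char *fixed_value_for(int n, int occ)
{
    struct hdr_hist h;
    long long s;
    fill_synthetic(&h, n);
    s = slot_fixed(&h, occ);
    return s < 0 ? NULL : h.ptr[s];   /* pointers live in the static pool */
}

int main(void)
{
    static const int counts[] = { 3, 9, 10, 12, 20 };

    for (size_t i = 0; i < sizeof counts / sizeof counts[0]; i++) {
        int n = counts[i];
        long long b = buggy_slot_for(n, -1), f = fixed_slot_for(n, -1);
        printf("%2d values, occ -1: buggy slot %lld (%s), fixed slot %lld -> %s\n",
               n, b, b >= MAX_HDR_HISTORY ? "OUT OF BOUNDS" : "ok",
               f, fixed_value_for(n, -1));
    }
    return 0;
}
```

The practical takeaway for an operator on an unpatched build is that the trigger is entirely client-controlled: a request carrying the named header exactly 10 (or 20, 30, ...) times reaches the bad index for `-1`, and smaller counts do not, which is why the issue is easy to miss in testing. Upgrading to 1.4.24 / 1.5-dev19 or avoiding negative occurrence counts in "hdr_*" fetches are the two mitigations the advisory supports.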

CVSS vector

AV:N/AC:L/Au:N/C:N/I:N/A:P (CVSS v2; the Au:N metric is implied by the 10.0 exploitability subscore)
Exploitability: 10.0 | Impact: 2.9

Affected Packages (4 packages)

- debian: debian/haproxy < haproxy 1.4.24-1 (bookworm)
- Debian: haproxy/haproxy < 1.4.24-1+3
- NVD: haproxy/haproxy, 26 versions (+25)

Also affects: Debian Linux 6.0, Ubuntu Linux 12.04, 12.10, 13.04

Patches

🔴 Vulnerability Details (2)

- GHSA: GHSA-4wh9-9j6m-2gcq: HAProxy 1 (2022-05-17)
- OSV: CVE-2013-2175: HAProxy 1 (2013-08-19)

📋 Vendor Advisories (3)

- Ubuntu: HAProxy vulnerability (2013-06-20)
- Red Hat: haproxy: http_get_hdr()/get_ip_from_hdr2() MAX_HDR_HISTORY handling denial of service (2013-06-17)
- Debian: CVE-2013-2175: haproxy - HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdr_i... (2013)

💬 Community (2)

- Bugzilla: CVE-2013-2175 haproxy: http_get_hdr()/get_ip_from_hdr2() MAX_HDR_HISTORY handling denial of service [fedora-all] (2013-06-17)
- Bugzilla: CVE-2013-2175 haproxy: http_get_hdr()/get_ip_from_hdr2() MAX_HDR_HISTORY handling denial of service (2013-06-13)