exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2023-40225

Status Candidate

Overview

HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request.

Related Files

Red Hat Security Advisory 2024-1142-03
Posted Mar 6, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1142-03 - An update for haproxy is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-40225
SHA-256 | 434273256431b6b9e831c9835bcb2fba3864ee3f7558795df1229f26598ab968
Download | Favorite | View
Red Hat Security Advisory 2024-1089-03
Posted Mar 5, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1089-03 - An update for haproxy is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-40225
SHA-256 | e4636439ab35021bb357aa2a62cdebbe77ad19dd86e3c7be20371b709059c340
Download | Favorite | View
Red Hat Security Advisory 2024-0308-03
Posted Jan 26, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0308-03 - Red Hat OpenShift Container Platform release 4.11.57 is now available with updates to packages and images that fix several bugs and add enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-40225
SHA-256 | 52f9b9d335e9e47501d96908f5a55b899ad39a226d336fd18aadf36e9929b3a5
Download | Favorite | View
Red Hat Security Advisory 2024-0200-03
Posted Jan 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0200-03 - Red Hat OpenShift Container Platform release 4.12.47 is now available with updates to packages and images that fix several bugs and add enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-40225
SHA-256 | 32a96690289904abe613f944b6d5c4b64df532a4abda6c058b364e51b2a782de
Download | Favorite | View
Debian Security Advisory 5590-1
Posted Dec 28, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5590-1 - Several vulnerabilities were discovered in HAProxy, a fast and reliable load balancing reverse proxy, which can result in HTTP request smuggling or information disclosure.

tags | advisory, web, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2023-40225, CVE-2023-45539
SHA-256 | a26862fd9c15261a0556762eeff6b4507c638df9bea58642fe40caded089f310
Download | Favorite | View
Red Hat Security Advisory 2023-7606-03
Posted Dec 6, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7606-03 - Red Hat OpenShift Container Platform release 4.13.25 is now available with updates to packages and images that fix several bugs and add enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-40225
SHA-256 | 474705a97f0387f4e88bd91fb5e8519ab21f17704ed21c56f2699b361e58a5c2
Download | Favorite | View
Ubuntu Security Notice USN-6294-2
Posted Aug 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6294-2 - USN-6294-1 fixed vulnerabilities in HAProxy. This update provides the corresponding updates for Ubuntu 20.04 LTS. Ben Kallus discovered that HAProxy incorrectly handled empty Content-Length headers. A remote attacker could possibly use this issue to manipulate the payload and bypass certain restrictions.

tags | advisory, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-40225
SHA-256 | d781113e83bdef2397942d94f0f5327411286b1e5bf60fc0a91451cecd337078
Download | Favorite | View
Ubuntu Security Notice USN-6294-1
Posted Aug 16, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6294-1 - Ben Kallus discovered that HAProxy incorrectly handled empty Content-Length headers. A remote attacker could possibly use this issue to manipulate the payload and bypass certain restrictions.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2023-40225
SHA-256 | eb07f489e5aa114922ba5706f886aedf4d3738378f6fb7e9a080692a4e5c88c3
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close