Buffer Realignment Vulnerability in HAProxy 1.5.x and 1.6-dev

Buffer Realignment Vulnerability in HAProxy 1.5.x and 1.6-dev

CVE-2015-3281 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request.

Learn more about our Web Application Penetration Testing UK.