|Category:||Debian Local Security Checks|
|Title:||Debian: Security Advisory for haproxy (DSA-4649-1)|
|Summary:||The remote host is missing an update for the 'haproxy'; package(s) announced via the DSA-4649-1 advisory.|
The remote host is missing an update for the 'haproxy'
package(s) announced via the DSA-4649-1 advisory.
Felix Wilhelm of Google Project Zero discovered that HAProxy, a TCP/HTTP
reverse proxy, did not properly handle HTTP/2 headers. This would allow
an attacker to write arbitrary bytes around a certain location on the
heap, resulting in denial-of-service or potential arbitrary code
'haproxy' package(s) on Debian Linux.
For the stable distribution (buster), this problem has been fixed in
We recommend that you upgrade your haproxy packages.
Common Vulnerability Exposure (CVE) ID: CVE-2020-11100|
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.