Test ID: 1.3.6.1.4.1.25623.1.0.851120
Category: SuSE Local Security Checks
Title: openSUSE: Security Advisory for haproxy (openSUSE-SU-2015:1831-1)
Summary: The remote host is missing an update for the 'haproxy' package(s) announced via the referenced advisory.

Description:

Summary:
The remote host is missing an update for the 'haproxy'
package(s) announced via the referenced advisory.

Vulnerability Insight:
haproxy was updated to fix two security issues.

These security issues were fixed:

- CVE-2015-3281: The buffer_slow_realign function in HAProxy did not
properly realign a buffer that is used for pending outgoing data, which
allowed remote attackers to obtain sensitive information (uninitialized
memory contents of previous requests) via a crafted request (bsc#937042).

- Changed DH parameters to prevent Logjam attack.

These non-security issues were fixed:

- BUG/MAJOR: buffers: make the buffer_slow_realign() function respect
output data

- BUG/MINOR: ssl: fix smp_fetch_ssl_fc_session_id

- MEDIUM: ssl: replace standards DH groups with custom ones

- BUG/MEDIUM: ssl: fix tune.ssl.default-dh-param value being overwritten

- MINOR: ssl: add a destructor to free allocated SSL resources

- BUG/MINOR: ssl: Display correct filename in error message

- MINOR: ssl: load certificates in alphabetical order

- BUG/MEDIUM: checks: fix conflicts between agent checks and ssl
healthchecks

- BUG/MEDIUM: ssl: force a full GC in case of memory shortage

- BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in case of
OOM.

- BUG/MINOR: ssl: correctly initialize ssl ctx for invalid certificates

- MINOR: ssl: add statement to force some ssl options in global.

- MINOR: ssl: add 'ssl_c_der' and 'ssl_f_der' to return DER
formatted certs

Affected Software/OS:
haproxy on openSUSE 13.2

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-3281

- 75554: http://www.securityfocus.com/bid/75554
- DSA-3301: http://www.debian.org/security/2015/dsa-3301
- RHSA-2015:1741: http://rhn.redhat.com/errata/RHSA-2015-1741.html
- RHSA-2015:2666: http://rhn.redhat.com/errata/RHSA-2015-2666.html
- SUSE-SU-2015:1663: http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html
- USN-2668-1: http://www.ubuntu.com/usn/USN-2668-1
- http://git.haproxy.org/?p=haproxy-1.5.git%3Ba=commit%3Bh=7ec765568883b2d4e5a2796adbeb492a22ec9bd4
- http://www.haproxy.org/news.html
- openSUSE-SU-2015:1831: http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00023.html

Copyright: Copyright (C) 2015 Greenbone Networks GmbH

© 1998-2025 E-Soft Inc. All rights reserved.