Test ID:	1.3.6.1.4.1.25623.1.0.882283
Category:	CentOS Local Security Checks
Title:	CentOS Update for haproxy CESA-2015:1741 centos7
Summary:	Check the version of haproxy
Description:	Summary: Check the version of haproxy Vulnerability Insight: HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. An implementation error related to the memory management of request and responses was found within HAProxy's buffer_slow_realign() function. An unauthenticated remote attacker could possibly use this flaw to leak certain memory buffer contents from a past request or session. (CVE-2015-3281) All haproxy users are advised to upgrade to this updated package, which contains a backported patch to correct this issue. Affected Software/OS: haproxy on CentOS 7 Solution: Please install the updated packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3281 75554 http://www.securityfocus.com/bid/75554 DSA-3301 http://www.debian.org/security/2015/dsa-3301 RHSA-2015:1741 http://rhn.redhat.com/errata/RHSA-2015-1741.html RHSA-2015:2666 http://rhn.redhat.com/errata/RHSA-2015-2666.html SUSE-SU-2015:1663 http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html USN-2668-1 http://www.ubuntu.com/usn/USN-2668-1 http://git.haproxy.org/?p=haproxy-1.5.git%3Ba=commit%3Bh=7ec765568883b2d4e5a2796adbeb492a22ec9bd4 http://www.haproxy.org/news.html openSUSE-SU-2015:1831 http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00023.html
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.