Description
An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs.
References
https://git.haproxy.org/?p=haproxy.git
Patch, Vendor Advisory
https://github.com/haproxy/haproxy/commit/3b69886f7dcc3cfb3d166309018e6cfec9ce2c95
Patch, Third Party Advisory
Exploit, Mitigation, Third Party Advisory
https://www.debian.org/security/2021/dsa-4968
Third Party Advisory
CVSS impact metrics
CVSS v3.1 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Base score: 7.5 · High
Information
Source identifier
Vulnerability status: Modified
Published: 2021-09-08T17:15:12.457
Last modified: 2023-11-07T03:38:33.673