Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:DOS:HAPROXY-REQDENY
Severity	Major
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	HAProxy Reqdeny Denial Of Service
Release Date	2016/07/25
Update Number	2762
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: HAProxy Reqdeny Denial Of Service

This signature detects attempts to exploit a known vulnerability against HAProxy. Successful exploitation would result in a denial-of-service condition.

Extended Description

HAproxy 1.6.x before 1.6.6, when a deny comes from a reqdeny rule, allows remote attackers to cause a denial of service (uninitialized memory access and crash) or possibly have unspecified other impact via unknown vectors.

Affected Products

Canonical ubuntu_linux 16.04
Haproxy haproxy 1.6.0
Haproxy haproxy 1.6.1
Haproxy haproxy 1.6.2
Haproxy haproxy 1.6.3
Haproxy haproxy 1.6.4
Haproxy haproxy 1.6.5

References

CVE: CVE-2016-5360
URL: http://www.openwall.com/lists/oss-security/2016/06/09/5

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: HAProxy Reqdeny Denial Of Service

Extended Description

Affected Products

References