OpenCVE

Buffer overflow in the trash buffer in the header capture functionality in HAProxy before 1.4.21, when global.tune.bufsize is set to a value greater than the default and header rewriting is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:H/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Haproxy	Haproxy

Configuration 1 [-]

cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://haproxy.1wt.eu/#news
http://haproxy.1wt.eu/download/1.4/src/CHANGELOG
http://haproxy.1wt.eu/git?p=haproxy-1.4.git%3Ba=commit%3Bh=30297cb17147a8d339eb160226bcc08c91d9530b
http://secunia.com/advisories/49261
http://security.gentoo.org/glsa/glsa-201301-02.xml
http://www.debian.org/security/2013/dsa-2711
http://www.openwall.com/lists/oss-security/2012/05/23/12
http://www.openwall.com/lists/oss-security/2012/05/23/15
http://www.openwall.com/lists/oss-security/2012/05/28/1
http://www.securityfocus.com/bid/53647
http://www.ubuntu.com/usn/USN-1800-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/75777

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2012-05-27T20:00:00

Updated: 2024-08-06T19:50:05.135Z

Reserved: 2012-05-27T00:00:00

Link: CVE-2012-2942

Vulnrichment

No data.

NVD

Status : Modified

Published: 2012-05-27T20:55:05.017

Modified: 2023-11-07T02:11:28.213

Link: CVE-2012-2942

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-05-16T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in the trash buffer in the header capture functionality in HAProxy before 1.4.21, when global.tune.bufsize is set to a value greater than the default and header rewriting is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[oss-security] 20120528 Duplicate CVE identifiers (CVE-2012-2391 and CVE-2012-2942) assigned to HAProxy issue", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/05/28/1"}, {"name": "GLSA-201301-02", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-201301-02.xml"}, {"name": "[oss-security] 20120523 Re: CVE request: haproxy trash buffer overflow flaw", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/05/23/15"}, {"name": "haproxy-trash-bo(75777)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75777"}, {"name": "53647", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/53647"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://haproxy.1wt.eu/#news"}, {"name": "DSA-2711", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2013/dsa-2711"}, {"name": "49261", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/49261"}, {"name": "USN-1800-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1800-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://haproxy.1wt.eu/git?p=haproxy-1.4.git%3Ba=commit%3Bh=30297cb17147a8d339eb160226bcc08c91d9530b"}, {"name": "[oss-security] 20120523 CVE request: haproxy trash buffer overflow flaw", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/05/23/12"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://haproxy.1wt.eu/download/1.4/src/CHANGELOG"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-2942", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in the trash buffer in the header capture functionality in HAProxy before 1.4.21, when global.tune.bufsize is set to a value greater than the default and header rewriting is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20120528 Duplicate CVE identifiers (CVE-2012-2391 and CVE-2012-2942) assigned to HAProxy issue", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2012/05/28/1"}, {"name": "GLSA-201301-02", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201301-02.xml"}, {"name": "[oss-security] 20120523 Re: CVE request: haproxy trash buffer overflow flaw", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2012/05/23/15"}, {"name": "haproxy-trash-bo(75777)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75777"}, {"name": "53647", "refsource": "BID", "url": "http://www.securityfocus.com/bid/53647"}, {"name": "http://haproxy.1wt.eu/#news", "refsource": "CONFIRM", "url": "http://haproxy.1wt.eu/#news"}, {"name": "DSA-2711", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2013/dsa-2711"}, {"name": "49261", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/49261"}, {"name": "USN-1800-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1800-1"}, {"name": "http://haproxy.1wt.eu/git?p=haproxy-1.4.git;a=commit;h=30297cb17147a8d339eb160226bcc08c91d9530b", "refsource": "CONFIRM", "url": "http://haproxy.1wt.eu/git?p=haproxy-1.4.git;a=commit;h=30297cb17147a8d339eb160226bcc08c91d9530b"}, {"name": "[oss-security] 20120523 CVE request: haproxy trash buffer overflow flaw", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2012/05/23/12"}, {"name": "http://haproxy.1wt.eu/download/1.4/src/CHANGELOG", "refsource": "CONFIRM", "url": "http://haproxy.1wt.eu/download/1.4/src/CHANGELOG"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:50:05.135Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20120528 Duplicate CVE identifiers (CVE-2012-2391 and CVE-2012-2942) assigned to HAProxy issue", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/05/28/1"}, {"name": "GLSA-201301-02", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-201301-02.xml"}, {"name": "[oss-security] 20120523 Re: CVE request: haproxy trash buffer overflow flaw", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/05/23/15"}, {"name": "haproxy-trash-bo(75777)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75777"}, {"name": "53647", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/53647"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://haproxy.1wt.eu/#news"}, {"name": "DSA-2711", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2013/dsa-2711"}, {"name": "49261", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/49261"}, {"name": "USN-1800-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1800-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://haproxy.1wt.eu/git?p=haproxy-1.4.git%3Ba=commit%3Bh=30297cb17147a8d339eb160226bcc08c91d9530b"}, {"name": "[oss-security] 20120523 CVE request: haproxy trash buffer overflow flaw", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/05/23/12"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://haproxy.1wt.eu/download/1.4/src/CHANGELOG"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-2942", "datePublished": "2012-05-27T20:00:00", "dateReserved": "2012-05-27T00:00:00", "dateUpdated": "2024-08-06T19:50:05.135Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*", "matchCriteriaId": "B757FF21-72FC-4B35-A2E1-6FA06FA311F0", "versionEndIncluding": "1.4.20", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in the trash buffer in the header capture functionality in HAProxy before 1.4.21, when global.tune.bufsize is set to a value greater than the default and header rewriting is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en el trash buffer en la funcionalidad de captura de cabecera en HAProxy antes v1.4.21, cuando global.tune.bufsize se establece en un valor mayor que el valor predeterminado y la reescritura de cabecera est\u00e1 activada, permite a atacantes remotos provocar una denegaci\u00f3n de servicio y, posiblemente, ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."}], "id": "CVE-2012-2942", "lastModified": "2023-11-07T02:11:28.213", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-05-27T20:55:05.017", "references": [{"source": "cve@mitre.org", "url": "http://haproxy.1wt.eu/#news"}, {"source": "cve@mitre.org", "url": "http://haproxy.1wt.eu/download/1.4/src/CHANGELOG"}, {"source": "cve@mitre.org", "url": "http://haproxy.1wt.eu/git?p=haproxy-1.4.git%3Ba=commit%3Bh=30297cb17147a8d339eb160226bcc08c91d9530b"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/49261"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-201301-02.xml"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2013/dsa-2711"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2012/05/23/12"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2012/05/23/15"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2012/05/28/1"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/53647"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-1800-1"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75777"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}