Critical Vulnerability in HAProxy (CVE-2021-40346): Integer Ov | PT SWARM
Critical Vulnerability in HAProxy (CVE-2021-40346): Integer Overflow Enables HTTP Smuggling by Ori Hollander and Or Peles
The vulnerability, CVE-2021-40346, is an Integer Overflow, triggerable via the Content-Length HTTP header, that makes it possible to conduct HTTP Request Smuggling attacks.
Contents: • Technical Background • HTTP Request Smuggling • HAProxy’s HTTP request processing phases (simplified) • Attack Scenario – Bypassing http-request ACLs • What happens inside HAProxy • Getting the HTTP response for the smuggled request • Attack demonstration – ACL bypass • Vulnerability Details • Automating the Discovery • Fixes and Workarounds
Positive Technologies Offensive Team: twitter.com/ptswarm. This is the channel where we share articles/vulnerabilities/scripts/etc, not necessarily authored by us, that we find interesting...