PT-2010-4430 · Apache · Apache Traffic Server

Leif Hedstrom · Published 2010-09-13 · Updated 2018-10-10 · CVE-2010-2952

CVSS v2.0: 4.3 (Medium)

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Apache Traffic Server versions prior to 2.0.1
Apache Traffic Server versions 2.1.x prior to 2.1.2-unstable

Description

The issue makes it easier for man-in-the-middle attackers to poison the internal DNS cache via a crafted response, due to improper choice of DNS source ports and transaction IDs, and improper use of DNS query fields to validate responses.

Recommendations

For Apache Traffic Server versions prior to 2.0.1, update to version 2.0.1 or later.
For Apache Traffic Server versions 2.1.x prior to 2.1.2-unstable, update to version 2.1.2-unstable or later.

Fix

RCE

Weakness Enumeration

Related identifiers

CVE-2010-2952

Affected products

Apache Traffic Server