PT-2012-2442 · Apache · Apache Traffic Server

Published

2012-03-26

Updated

2013-03-26

CVE-2012-0256

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Apache Traffic Server versions 2.0.x through 3.0.3 Apache Traffic Server versions 3.1.x prior to 3.1.3

Description The issue allows remote attackers to cause a denial of service, resulting in a daemon crash, by sending a long HTTP Host header.

Recommendations For Apache Traffic Server versions 2.0.x through 3.0.3, update to version 3.0.4 or later. For Apache Traffic Server versions 3.1.x prior to 3.1.3, update to version 3.1.3 or later.

Fix

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2012-0256

Affected Products

Apache Traffic Server

PT-2012-2442 · Apache · Apache Traffic Server

CVE-2012-0256

Weakness Enumeration

Related Identifiers

Affected Products

References · 11