Apache Traffic Server < 3.0.4 / 3.1.3 Buffer Overflow Vulnerability

high Nessus Network Monitor Plugin ID 6401

Synopsis

The remote caching server is affected by a heap-based buffer overflow vulnerability.

Description

Apache Traffic Server, an open source caching server, is installed on the remote host.

Versions of Apache Traffic Server earlier than 3.0.4 or 3.1.x earlier than 3.1.3 are potentially affected by a heap-based buffer overflow vulnerability when handling malicious HTTP host headers. By exploiting this flaw, a remote, unauthenticated attacker could execute arbitrary code on the remote host subject to the privileges of the user running the affected service.

Solution

Upgrade to Apache Traffic Server 3.0.4, 3.1.3, or later.

See Also

http://seclists.org/fulldisclosure/2012/Mar/260

https://www.cert.fi/en/reports/2012/vulnerability612884.html

Plugin Details

Severity: High

ID: 6401

Family: Web Servers

Published: 3/29/2012

Updated: 3/6/2019

Nessus ID: 58593

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apache:traffic_server

Patch Publication Date: 3/22/2012

Vulnerability Publication Date: 3/22/2012

Reference Information

CVE: CVE-2012-0256

BID: 52696