Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Apache Traffic Server < 3.0.4 / 3.1.3 Buffer Overflow Vulnerability



The remote caching server is affected by a heap-based buffer overflow vulnerability.


Apache Traffic Server, an open source caching server, is installed on the remote host.

Versions of Apache Traffic Server earlier than 3.0.4 or 3.1.x earlier than 3.1.3 are potentially affected by a heap-based buffer overflow vulnerability when handling malicious HTTP host headers. By exploiting this flaw, a remote, unauthenticated attacker could execute arbitrary code on the remote host subject to the privileges of the user running the affected service.


Upgrade to Apache Traffic Server 3.0.4, 3.1.3, or later.