Summary
This host is installed with Apache Traffic
Server is prone to remote denial of service vulnerability.
Impact
Successful exploitation will allow remote
attackers to crash the traffic_manager process.
Impact Level: Application.
Solution
Upgrade to version 4.2.1.1 or 5.0.1
or later, For updates refer to http://trafficserver.apache.org
Insight
An unspecified flaw in traffic_cop that
is triggered as the program fails to restrict access to synthetic health checks.
Affected
Apache Traffic Server version 3.x through
3.2.5, 4.x before 4.2.1.1, and 5.x before 5.0.1
Detection
Get the installed version with the help
of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-3525 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities