Download
| Alert*
oval:org.secpod.oval:def:603303
trafficserver is installed oval:org.secpod.oval:def:107315 trafficserver is installed oval:org.secpod.oval:def:74580 Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service, HTTP request smuggling or cache poisoning. oval:org.secpod.oval:def:69822 Two vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server: CVE-2020-17508 The ESI plugin was vulnerable to memory disclosure. CVE-2020-17509 The negative cache option was vulnerable to cache poisoning. oval:org.secpod.oval:def:605336 Two vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server: CVE-2020-17508 The ESI plugin was vulnerable to memory disclosure. CVE-2020-17509 The negative cache option was vulnerable to cache poisoning. oval:org.secpod.oval:def:604826 Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service or request smuggling attacks. oval:org.secpod.oval:def:607813 Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in HTTP request smuggling or MITM attacks. oval:org.secpod.oval:def:88361 Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in HTTP request smuggling or MITM attacks. oval:org.secpod.oval:def:88450 Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in HTTP request smuggling, cache poisoning or denial of service. oval:org.secpod.oval:def:603501 Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service, cache poisoning or information disclosure. oval:org.secpod.oval:def:53405 Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service, cache poisoning or information disclosure. oval:org.secpod.oval:def:53264 Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server. They could lead to the use of an incorrect upstream proxy, or allow a remote attacker to cause a denial-of-service by application crash. oval:org.secpod.oval:def:603295 Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server. They could lead to the use of an incorrect upstream proxy, or allow a remote attacker to cause a denial-of-service by application crash. oval:org.secpod.oval:def:107314 Apache Traffic Server is a fast, scalable and extensible HTTP/1.1 compliant caching proxy server. oval:org.secpod.oval:def:109253 Apache Traffic Server is a fast, scalable and extensible HTTP/1.1 compliant caching proxy server. oval:org.secpod.oval:def:109252 Apache Traffic Server is a fast, scalable and extensible HTTP/1.1 compliant caching proxy server. oval:org.secpod.oval:def:95159 Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in information disclosure or denial of service. oval:org.secpod.oval:def:58058 The client can send continual pings to an HTTP/2 server, causing the server to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both, potentially leading to a Denial-of-Service. Also known as "HTTP/2 Ping Flood". oval:org.secpod.oval:def:69755 Several vulnerabilities were discovered in the HTTP/2 code of Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service. The fixes are too intrusive to backport to the version in the oldstable distribution . An upgrade to Debian stable is recommended instead ... oval:org.secpod.oval:def:58063 This sends a stream of SETTINGS frames to the server. Since the RFC requires that the server reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, o ... oval:org.secpod.oval:def:604527 Several vulnerabilities were discovered in the HTTP/2 code of Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service. The fixes are too intrusive to backport to the version in the oldstable distribution . An upgrade to Debian stable is recommended instead ... oval:org.secpod.oval:def:58060 This opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the servers queue the RST_STREAM frames, this can consume excess memory, CPU, or both, potentially leading to a Denial-of-Service. Also known ... oval:org.secpod.oval:def:127475 Traffic Server is a high-performance building block for cloud services. Its more than just a caching proxy server; it also has support for plugins to build large scale web applications. Key features: Caching - Improve your response time, while reducing server load and bandwidth needs by caching and ... oval:org.secpod.oval:def:127477 Traffic Server is a high-performance building block for cloud services. Its more than just a caching proxy server; it also has support for plugins to build large scale web applications. Key features: Caching - Improve your response time, while reducing server load and bandwidth needs by caching and ... oval:org.secpod.oval:def:99992 Bartek Nowotarski discovered that Apache Traffic Server, a reverse and forward proxy server, was susceptible to denial of service via HTTP2 continuation frames. |