Apache Traffic Server -- heap overflow vulnerability

2012-03-22T00:00:00
ID ACAB2F88-7490-11E1-865F-00E0814CAB4E
Type freebsd
Reporter FreeBSD
Modified 2012-03-22T00:00:00

Description

CERT-FI reports:

A heap overflow vulnerability has been found in the HTTP (Hypertext Transfer Protocol) protocol handling of Apache Traffic Server. The vulnerability allows an attacker to cause a denial of service or potentially to execute his own code by sending a specially modified HTTP message to an affected server.