17 matches found
Fedora: Security Advisory (FEDORA-2024-b1e16b4335)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-111a8a624b)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 40 : trafficserver (2024-111a8a624b)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-111a8a624b advisory. Update to upstream 9.2.4, resolves CVE-2024-31309 CONTINUATION frames DoS Tenable has extracted the preceding description block directly from the...
[SECURITY] [DLA 3799-1] trafficserver security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3799-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk April 28, 2024 https://wiki.debian.org/LTS -...
Debian dla-3799 : trafficserver - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3799 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3799-1 [email protected] https://www.debian.org/lts/security/...
Debian dsa-5659 : trafficserver - security update
The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5659 advisory. - HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server. Version from 8.0.0 through 8.1.9, from 9.0.0 through 9.2.3 a...
Fedora 39 : trafficserver (2024-b1e16b4335)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-b1e16b4335 advisory. Update to upstream 9.2.4, resolves CVE-2024-31309 CONTINUATION frames DoS Tenable has extracted the preceding description block directly from the...
CVE-2024-31309
HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server. Version from 8.0.0 through 8.1.9, from 9.0.0 through 9.2.3 are affected. Users can set a new setting proxy.config.http2.maxcontinuationframesperminute to limit the number of CONTINUATION frames...
CVE-2024-31309
HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server. Version from 8.0.0 through 8.1.9, from 9.0.0 through 9.2.3 are affected. Users can set a new setting proxy.config.http2.maxcontinuationframesperminute to limit the number of CONTINUATION frames...
UBUNTU-CVE-2024-31309
HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server. Version from 8.0.0 through 8.1.9, from 9.0.0 through 9.2.3 are affected. Users can set a new setting proxy.config.http2.maxcontinuationframesperminute to limit the number of CONTINUATION frames...
CVE-2024-31309 Apache Traffic Server: HTTP/2 CONTINUATION frames can be utilized for DoS attack
HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server. Version from 8.0.0 through 8.1.9, from 9.0.0 through 9.2.3 are affected. Users can set a new setting proxy.config.http2.maxcontinuationframesperminute to limit the number of CONTINUATION frames...
CVE-2024-31309 Apache Traffic Server: HTTP/2 CONTINUATION frames can be utilized for DoS attack
HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server. Version from 8.0.0 through 8.1.9, from 9.0.0 through 9.2.3 are affected. Users can set a new setting proxy.config.http2.maxcontinuationframesperminute to limit the number of CONTINUATION frames...
CVE-2024-31309
HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server. Version from 8.0.0 through 8.1.9, from 9.0.0 through 9.2.3 are affected. Users can set a new setting proxy.config.http2.maxcontinuationframesperminute to limit the number of CONTINUATION frames...
CVE-2024-31309
CVE-2024-31309 affects Apache Traffic Server (ATS) HTTP/2 CONTINUATION handling. A DoS can occur due to CONTINUATION frame floods, impacting ATS 8.0.0–8.1.9 and 9.0.0–9.2.3. Upstream fixes are in 8.1.10 and 9.2.4. Practical mitigation includes setting proxy.config.http2.max_continuation_frames_pe...
K000139236: Apache Traffic Server HTTP/2 CONTINUATION DoS attack vulnerability CVE-2024-31309
Security Advisory Description HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server. Version from 8.0.0 through 8.1.9, from 9.0.0 through 9.2.3 are affected. CVE-2024-31309 Impact There is no impact; F5 products are not affected by this...
CVE-2024-31309
creationtimestamp| type| source ---|---|--- 2024-04-09 08:14:27+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/6990 2024-04-09 15:41:27+00:00| published-proof-of-concept| https://t.me/proxybar/1998 2024-04-12 10:05:59+00:00| seen| https://t.me/arpsyndicate/4585...
Security Advisory 0094
Security Advisory 0094 PDF Date: April 5, 2024 Revision | Date | Changes ---|---|--- 1.0 | April 3, 2024 | Initial release 1.1 | April 5, 2024 | Update required configuration for exploitation and mitigation Description Arista Networks is providing this security update in response to the following...