13 matches found
📄 Apache Traffic Server 9.2.5 Denial of Service
Proof of concept remote denial of service exploit for Apache Traffic Server versions 9.2.0 through 9.2.5 that leverages the host header. ============================================================================================================================================= | Title : Apache...
Linux Distros Unpatched Vulnerability : CVE-2024-50305
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Valid Host header field can cause Apache Traffic Server to crash on some platforms. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5. Users ar...
Fedora: Security Advisory (FEDORA-2024-b3c4e8da81)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-589ea34c42)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 41 : trafficserver (2024-f4dc07db08)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-f4dc07db08 advisory. - Update to upstream 9.2.6 - Backport fix for broken oubound TLS with OpenSSL 3.2+ - Resolves CVE-2024-38479, CVE-2024-50305, CVE-2024-50306 Tenable...
Fedora 40 : trafficserver (2024-b3c4e8da81)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-b3c4e8da81 advisory. - Update to upstream 9.2.6 - Backport fix for broken oubound TLS with OpenSSL 3.2+ - Resolves CVE-2024-38479, CVE-2024-50305, CVE-2024-50306 Tenable...
CVE-2024-50305
Valid Host header field can cause Apache Traffic Server to crash on some platforms. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5. Users are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue...
CVE-2024-50305
Valid Host header field can cause Apache Traffic Server to crash on some platforms. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5. Users are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue...
CVE-2024-50305
Valid Host header field can cause Apache Traffic Server to crash on some platforms. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5. Users are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue...
CVE-2024-50305
Apache Traffic Server (affected: 9.2.0–9.2.5) contains CVE-2024-50305 due to a flaw with the Valid Host header field that can cause a crash on some platforms. The issue is addressed by upgrading to 9.2.6 or 10.0.2 (which does not have the issue). If present, also consider broader advisories acros...
CVE-2024-50305 Apache Traffic Server: Valid Host field value can cause crashes
Valid Host header field can cause Apache Traffic Server to crash on some platforms. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5. Users are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue...
CVE-2024-50305
Valid Host header field can cause Apache Traffic Server to crash on some platforms. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5. Users are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue...
CVE-2024-50305 Apache Traffic Server: Valid Host field value can cause crashes
Valid Host header field can cause Apache Traffic Server to crash on some platforms. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5. Users are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue...