Summary
This host is installed with Apache Traffic
Server is prone to remote denial of service vulnerability.
Impact
Successful exploitation will allow remote
attackers to crash the traffic_manager process.
Impact Level: Application.
Solution
Upgrade to version 5.1.2 or later,
For updates refer to http://trafficserver.apache.org
Insight
Flaw is due to an improper handling HTTP
TRACE requests with a 'Max-Forwards' header value of '0'.
Affected
Apache Traffic Server version 5.1.x
before 5.1.2
Detection
Get the installed version with the help
of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-10022 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities