Summary
Apache Traffic Server is prone to a remote DNS cache-poisoning vulnerability.
An attacker can exploit this issue to divert data from a legitimate site to an attacker-specified site.
Successful exploits will allow the attacker to manipulate cache data, potentially facilitating man-in-the-middle, site-impersonation, or denial-of- service attacks.
Versions prior to Apache Traffic Server 2.0.1.
Solution
Updates are available. Please see the references for more information.
References
Severity
Classification
-
CVE CVE-2010-2952 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Apache Traffic Server Remote DNS Cache Poisoning Vulnerability
- Apple iTunes Multiple Vulnerabilities - Apr10
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Windows)
- AVG Anti-Virus 'hcp://' Protocol Handler Remote Code Execution Vulnerability
- Avant Browser Address Bar Spoofing Vulnerability