Description

There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2.0 to 5.3.2, 6.0.0 to 6.2.0, and 7.0.0 with the TLS handshake. This issue can cause the server to coredump.

Remediation

References

CVE-2017-7671

Related Vulnerabilities

Plone CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-5485)

PHP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2022-31628)

GibbonEdu Session Fixation Vulnerability (CVE-2022-27305)

Ruby on Rails Resource Management Errors Vulnerability (CVE-2015-7581)

Apache Tomcat Other Vulnerability (CVE-2006-3835)

Severity

High

Classification

CVE-2017-7671 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities