dcsimg

Apache Traffic Server Gets Security Update

Download our in-depth report: The Ultimate Guide to IT Security Vendors

SHARE
Share it on Twitter  
Share it on Facebook  
Share it on Google+
Share it on Linked in  
Email  

Version 3.0.4 of Apache Traffic Server was recently released.

"An error when parsing a large 'Host:' HTTP header can be used to cause a heap-based buffer overflow, which could lead to a denial-of-service (DoS) condition or the execution of arbitrary code," The H Security reports. "The vulnerability (CVE-2012-0256) was reported to Apache by Codenomicon via CERT-FI and is rated as 'Important.'"

"All 2.0.x versions as well as 3.0.x and 3.1.x up to and including 3.0.3 and 3.1.2 are affected," the article states. "Upgrading to 3.0.4 fixes the problem."

Go to "Apache Traffic Server update closes important security hole" to read the details.

For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.

Submit a Comment

Loading Comments...