We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.

Apache Traffic Server Gets Security Update

Download our in-depth report: The Ultimate Guide to IT Security Vendors

Version 3.0.4 of Apache Traffic Server was recently released.

"An error when parsing a large 'Host:' HTTP header can be used to cause a heap-based buffer overflow, which could lead to a denial-of-service (DoS) condition or the execution of arbitrary code," The H Security reports. "The vulnerability (CVE-2012-0256) was reported to Apache by Codenomicon via CERT-FI and is rated as 'Important.'"

"All 2.0.x versions as well as 3.0.x and 3.1.x up to and including 3.0.3 and 3.1.2 are affected," the article states. "Upgrading to 3.0.4 fixes the problem."

Go to "Apache Traffic Server update closes important security hole" to read the details.

For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.

Submit a Comment

Loading Comments...