Test Kennung:	1.3.6.1.4.1.25623.1.0.146192
Kategorie:	Web Servers
Titel:	Apache Traffic Server (ATS) 7.0.0 < 8.1.2, 9.0.0 < 9.0.2 Multiple Vulnerabilities
Zusammenfassung:	Apache Traffic Server is prone to multiple vulnerabilities.
Beschreibung:	Summary: Apache Traffic Server is prone to multiple vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - CVE-2021-27577: Incorrect handling of url fragment leads to cache poisoning - CVE-2021-32565: HTTP Request Smuggling, content length with invalid charters - CVE-2021-32566: Specific sequence of HTTP/2 frames can cause ATS to crash - CVE-2021-32567: Reading HTTP/2 frames too many times - CVE-2021-35474: Dynamic stack buffer overflow in cachekey plugin Affected Software/OS: Apache Traffic Server version 7.0.0 through 7.1.12, 8.0.0 through 8.1.1 and 9.0.0 through 9.0.1. Solution: Update to version 8.1.2, 9.0.2 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2021-27577 Debian Security Information: DSA-4957 (Google Search) https://www.debian.org/security/2021/dsa-4957 https://lists.apache.org/thread.html/ra1a41ff92a70d25bf576d7da2590575e8ff430393a3f4a0c34de4277%40%3Cusers.trafficserver.apache.org%3E Common Vulnerability Exposure (CVE) ID: CVE-2021-32565 Common Vulnerability Exposure (CVE) ID: CVE-2021-32566 Common Vulnerability Exposure (CVE) ID: CVE-2021-32567 Common Vulnerability Exposure (CVE) ID: CVE-2021-35474
Copyright	Copyright (C) 2021 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.