FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Apache Traffic Server -- heap overflow vulnerability

Affected packages
trafficserver < 3.0.4

Details

VuXML ID acab2f88-7490-11e1-865f-00e0814cab4e
Discovery 2012-03-22
Entry 2012-03-24

CERT-FI reports:

A heap overflow vulnerability has been found in the HTTP (Hypertext Transfer Protocol) protocol handling of Apache Traffic Server. The vulnerability allows an attacker to cause a denial of service or potentially to execute his own code by sending a specially modified HTTP message to an affected server.

References

CVE Name CVE-2012-0256