Apache Traffic Server CVE-2016-5396 Denial of Service Vulnerability

Apache Traffic Server is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to cause denial-of-service conditions.

Apache Traffic Server 6.0.0 through 6.2.0 are vulnerable.

Information

Bugtraq ID: 97945
Class: Unknown
CVE: CVE-2016-5396

Remote: Yes
Local: No
Published: Apr 21 2017 12:00AM
Updated: Apr 21 2017 09:07AM
Credit: The vendor reported this issue.
Vulnerable:

Not Vulnerable:

References:

Apache Traffic Server Homepage (Apache Software Foundation)
Add total header length checks in HPACK (apache)
TS-5019: Add header length checks in HPACK #1160 (apache)
TS-5019: Add total header length checks in HPACK (back-port) #1162 (apache)

Source: www.securityfocus.com

Exploit Collector

Search Exploit

Apache Traffic Server CVE-2016-5396 Denial of Service Vulnerability

Information