Description

There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2.0 to 5.3.2, 6.0.0 to 6.2.0, and 7.0.0 with the TLS handshake. This issue can cause the server to coredump.

Remediation

References

CVE-2017-7671

Related Vulnerabilities

Ruby on Rails Resource Management Errors Vulnerability (CVE-2015-7581)

WordPress Plugin Better WordPress reCAPTCHA (with no CAPTCHA reCAPTCHA) Cross-Site Scripting (2.0.3)

Jboss EAP Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2022-0853)

WordPress Plugin Online Hotel Booking System Pro SQL Injection (1.0)

OpenSSL Resource Management Errors Vulnerability (CVE-2006-2940)

Severity

High

Classification

CVE-2017-7671 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Tags

Missing Update Known Vulnerabilities