| Vector: | Remote |
| Severity: | Medium |
| Patch: | Patched |
| Impact: | Denial of Service (DoS) |
| Software: |
Apache Traffic Server 5.0.x , vulnerable versions: & Apache Traffic Server 5.1.x , vulnerable versions: l |
An attacker can perform a denial of service attack.
The vulnerability is caused due to an error related to handling the HTTP TRACE Max-Forwards header. An attacker can perform a denial of service (DoS) attack.
Solution:
For Apache Traffic Server 5.0.x: Update to version 5.1.2.
Links:
- http://mail-archives.apache.org/mod_mbox/trafficserver-users/201412.mbox/
- https://issues.apache.org/jira/browse/TS-3223
