trafficserver-announce mailing list archives

From Bryan Call <bc...@apache.org>
Subject [ANNOUNCE] Apache Traffic Server is vulnerable to various HTTP/1.x and HTTP/2 attacks
Date Thu, 24 Jun 2021 23:00:02 GMT
Description:
ATS is vulnerable to various HTTP/1.x and HTTP/2 attacks

CVE:
CVE-2021-27577 Incorrect handling of URL fragment leads to cache poisoning
CVE-2021-32565 HTTP Request Smuggling, content length with invalid characters
CVE-2021-32566 Specific sequence of HTTP/2 frames can cause ATS to crash
CVE-2021-32567 Reading HTTP/2 frames too many times
CVE-2021-35474 Dynamic stack buffer overflow in cachekey plugin

Reported By:
Katsutoshi Ikenoya (CVE-2021-32566)
Mattias Grenfeldt (CVE-2021-32565)
Iustin Ladunca (CVE-2021-27577)
Masaori Koshiba (CVE-2021-32567, CVE-2021-35474)

Vendor:
The Apache Software Foundation

Version Affected:
ATS 7.0.0 to 7.1.12
ATS 8.0.0 to 8.1.1
ATS 9.0.0 to 9.0.1

Mitigation:
7.x users should upgrade to 8.1.2 or 9.0.2, or later versions
8.x users should upgrade to 8.1.2 or later versions
9.x users should upgrade to 9.0.2 or later versions

References:
	Downloads:
		https://trafficserver.apache.org/downloads
		(Please use backup sites from the link only if the mirrors are unavailable) 
	CVE:
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474


-Bryan

