Show filters
95 Total Results
Displaying 31-40 of 95
Sort by:
Attacker Value
Unknown
CVE-2002-20001
Disclosure Date: November 11, 2021 (last updated January 11, 2024)
The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.
0
Attacker Value
Unknown
CVE-2021-41585
Disclosure Date: November 03, 2021 (last updated November 28, 2024)
Improper Input Validation vulnerability in accepting socket connections in Apache Traffic Server allows an attacker to make the server stop accepting new connections. This issue affects Apache Traffic Server 5.0.0 to 9.1.0.
0
Attacker Value
Unknown
CVE-2021-38161
Disclosure Date: November 03, 2021 (last updated November 28, 2024)
Improper Authentication vulnerability in TLS origin verification of Apache Traffic Server allows for man in the middle attacks. This issue affects Apache Traffic Server 8.0.0 to 8.0.8.
0
Attacker Value
Unknown
CVE-2021-37147
Disclosure Date: November 03, 2021 (last updated February 09, 2024)
Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0.
0
Attacker Value
Unknown
CVE-2021-37149
Disclosure Date: November 03, 2021 (last updated November 28, 2024)
Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0.
0
Attacker Value
Unknown
CVE-2021-43082
Disclosure Date: November 03, 2021 (last updated November 28, 2024)
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the stats-over-http plugin of Apache Traffic Server allows an attacker to overwrite memory. This issue affects Apache Traffic Server 9.1.0.
0
Attacker Value
Unknown
CVE-2021-37148
Disclosure Date: November 03, 2021 (last updated November 28, 2024)
Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.0.1.
0
Attacker Value
Unknown
CVE-2021-32566
Disclosure Date: June 30, 2021 (last updated November 28, 2024)
Improper Input Validation vulnerability in HTTP/2 of Apache Traffic Server allows an attacker to DOS the server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.
0
Attacker Value
Unknown
CVE-2021-32567
Disclosure Date: June 30, 2021 (last updated November 28, 2024)
Improper Input Validation vulnerability in HTTP/2 of Apache Traffic Server allows an attacker to DOS the server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.
0
Attacker Value
Unknown
CVE-2021-35474
Disclosure Date: June 30, 2021 (last updated November 28, 2024)
Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache Traffic Server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.
0