var-202407-2494
Vulnerability from variot
Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable.
This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4.
Users can set a new setting (proxy.config.http.drop_chunked_trailers) not to forward chunked trailer section. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue. No detailed vulnerability details are currently available. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-5758-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 26, 2024 https://www.debian.org/security/faq
Package : trafficserver CVE ID : CVE-2023-38522 CVE-2024-35161 CVE-2024-35296
Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service or request smuggling.
For the stable distribution (bookworm), these problems have been fixed in version 9.2.5+ds-0+deb12u1.
We recommend that you upgrade your trafficserver packages.
For the detailed security status of trafficserver please refer to its security tracker page at: https://security-tracker.debian.org/tracker/trafficserver
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmbMKBEACgkQEMKTtsN8 TjZOnw/+JNcO3mLjDjMwWUBfg7w/jCN8tIKJjAGs1bPzJ+QTOs4yy+47wWtAeJ5c Q3PrzETcXLNxFKAI+ii+Tq9DetvvgJYzm2Qxm9xeNJuhjMnUs226Om8VawTH8yL4 ijKuZZlEBCAoUTi5+ROQ6H+TDQ3KJIt/xiQp9JuDYPGBbNsyoEl+eOdmVRZTroBo heMsrvCMLneLV5kmr1IpIJfJgXvnuR57idyHAry9GOJ0xaMRdohE6oYqWuG+DeF3 1fr10jbSgX9M+tUtw1t7sFtoHjXlf3ez8fTOQ/aa+4idHtPd4GBkfDCKb+Bnoazg uuG9esu8RmfZisOFYQX4O3Bgi8KSM0Ir5Mv9sOkvy95Iqd1dJ2kjHFlvgbzzbATF aSMlj/lUwG2ALq2hoZ4IfuwLKr0hTguHtKTcralE7w+8+pbzMPzULXUw8vPIFGHq VKS0S6XzXHuFchyhfKJFXuUD4uAjijVPzCAMyvlIH98hBfRSbzOP1dwRrHN7YVk4 fmkf6yjQ5hB/ecXFCQkXJUXOJNwm41sMpZUkdywFh1iFnV6Hl3We3JD0wdjURReY 4ZzGR2PkgWQN56UvkzF4xq8VmtBZ3lTSHH6kmmlgpmBFgtdWhnvl/3Jp4dfO3uh5 2Lt5vf01Ae4jkT+93uaMtDlr8YBEr2JHLEWCA3ZRC4ux3mnGRN8= =Q6vb -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202407-2494",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "traffic server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "9.2.5"
},
{
"model": "traffic server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "9.0.0"
},
{
"model": "traffic server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "8.1.11"
},
{
"model": "traffic server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "8.0.0"
},
{
"model": "traffic server",
"scope": null,
"trust": 0.8,
"vendor": "apache",
"version": null
},
{
"model": "traffic server",
"scope": "eq",
"trust": 0.8,
"vendor": "apache",
"version": null
},
{
"model": "traffic server",
"scope": "eq",
"trust": 0.8,
"vendor": "apache",
"version": "9.0.0 that\u0027s all 9.2.5"
},
{
"model": "traffic server",
"scope": "eq",
"trust": 0.8,
"vendor": "apache",
"version": "8.0.0 that\u0027s all 8.1.11"
},
{
"model": "traffic server",
"scope": "gte",
"trust": 0.6,
"vendor": "apache",
"version": "8.0.0,\u003c=8.1.10"
},
{
"model": "traffic server",
"scope": "gte",
"trust": 0.6,
"vendor": "apache",
"version": "9.0.0,\u003c=9.2.4"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-35170"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005375"
},
{
"db": "NVD",
"id": "CVE-2024-35161"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Debian",
"sources": [
{
"db": "PACKETSTORM",
"id": "180380"
}
],
"trust": 0.1
},
"cve": "CVE-2024-35161",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 9.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2024-35170",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2024-35161",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2024-35161",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2024-35161",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2024-35161",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-35161",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2024-35161",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2024-35170",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-35170"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005375"
},
{
"db": "NVD",
"id": "CVE-2024-35161"
},
{
"db": "NVD",
"id": "CVE-2024-35161"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable. \n\nThis issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. \n\nUsers can set a new setting (proxy.config.http.drop_chunked_trailers) not to forward chunked trailer section. \nUsers are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue. No detailed vulnerability details are currently available. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-5758-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nAugust 26, 2024 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : trafficserver\nCVE ID : CVE-2023-38522 CVE-2024-35161 CVE-2024-35296\n\nSeveral vulnerabilities were discovered in Apache Traffic Server,\na reverse and forward proxy server, which could result in denial\nof service or request smuggling. \n\nFor the stable distribution (bookworm), these problems have been fixed in\nversion 9.2.5+ds-0+deb12u1. \n\nWe recommend that you upgrade your trafficserver packages. \n\nFor the detailed security status of trafficserver please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/trafficserver\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmbMKBEACgkQEMKTtsN8\nTjZOnw/+JNcO3mLjDjMwWUBfg7w/jCN8tIKJjAGs1bPzJ+QTOs4yy+47wWtAeJ5c\nQ3PrzETcXLNxFKAI+ii+Tq9DetvvgJYzm2Qxm9xeNJuhjMnUs226Om8VawTH8yL4\nijKuZZlEBCAoUTi5+ROQ6H+TDQ3KJIt/xiQp9JuDYPGBbNsyoEl+eOdmVRZTroBo\nheMsrvCMLneLV5kmr1IpIJfJgXvnuR57idyHAry9GOJ0xaMRdohE6oYqWuG+DeF3\n1fr10jbSgX9M+tUtw1t7sFtoHjXlf3ez8fTOQ/aa+4idHtPd4GBkfDCKb+Bnoazg\nuuG9esu8RmfZisOFYQX4O3Bgi8KSM0Ir5Mv9sOkvy95Iqd1dJ2kjHFlvgbzzbATF\naSMlj/lUwG2ALq2hoZ4IfuwLKr0hTguHtKTcralE7w+8+pbzMPzULXUw8vPIFGHq\nVKS0S6XzXHuFchyhfKJFXuUD4uAjijVPzCAMyvlIH98hBfRSbzOP1dwRrHN7YVk4\nfmkf6yjQ5hB/ecXFCQkXJUXOJNwm41sMpZUkdywFh1iFnV6Hl3We3JD0wdjURReY\n4ZzGR2PkgWQN56UvkzF4xq8VmtBZ3lTSHH6kmmlgpmBFgtdWhnvl/3Jp4dfO3uh5\n2Lt5vf01Ae4jkT+93uaMtDlr8YBEr2JHLEWCA3ZRC4ux3mnGRN8=\n=Q6vb\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-35161"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005375"
},
{
"db": "CNVD",
"id": "CNVD-2024-35170"
},
{
"db": "PACKETSTORM",
"id": "180380"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-35161",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005375",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2024-35170",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "180380",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-35170"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005375"
},
{
"db": "PACKETSTORM",
"id": "180380"
},
{
"db": "NVD",
"id": "CVE-2024-35161"
}
]
},
"id": "VAR-202407-2494",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-35170"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-35170"
}
]
},
"last_update_date": "2024-08-28T22:57:02.907000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Apache Traffic Server Input Validation Error Vulnerability (CNVD-2024-35170)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/576156"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-35170"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-444",
"trust": 1.0
},
{
"problemtype": "HTTP Request Smuggling (CWE-444) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-005375"
},
{
"db": "NVD",
"id": "CVE-2024-35161"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-35161"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2024-35161/"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/trafficserver"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-35296"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-38522"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-35170"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005375"
},
{
"db": "PACKETSTORM",
"id": "180380"
},
{
"db": "NVD",
"id": "CVE-2024-35161"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2024-35170"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005375"
},
{
"db": "PACKETSTORM",
"id": "180380"
},
{
"db": "NVD",
"id": "CVE-2024-35161"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-08-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-35170"
},
{
"date": "2024-08-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-005375"
},
{
"date": "2024-08-26T15:09:12",
"db": "PACKETSTORM",
"id": "180380"
},
{
"date": "2024-07-26T10:15:02.567000",
"db": "NVD",
"id": "CVE-2024-35161"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-08-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-35170"
},
{
"date": "2024-08-15T02:32:00",
"db": "JVNDB",
"id": "JVNDB-2024-005375"
},
{
"date": "2024-08-13T09:15:04.610000",
"db": "NVD",
"id": "CVE-2024-35161"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache\u00a0Software\u00a0Foundation\u00a0 of \u00a0Apache\u00a0Traffic\u00a0Server\u00a0 In \u00a0HTTP\u00a0 Request Smuggling Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-005375"
}
],
"trust": 0.8
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.