ID CVE-2015-5206
Summary Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server before 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5168.
References
Vulnerable Configurations
  • Apache Software Foundation Traffic Server 5.3.1
    cpe:2.3:a:apache:traffic_server:5.3.1
  • Apache Software Foundation Traffic Server 5.3.0
    cpe:2.3:a:apache:traffic_server:5.3.0
CVSS
Base: 10.0
Impact:
Exploitability:
nessus via4
NASL family Web Servers
NASL id APACHE_TRAFFIC_SERVER_532.NASL
description According to its banner, the version of Apache Traffic Server running on the remote host is 5.3.x prior to 5.3.2. It is, therefore, affected by multiple vulnerabilities related to improper handling of HTTP/2 requests. An attacker can exploit these vulnerabilities to have an unspecified impact. No further details are available. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
last seen 2019-02-21
modified 2018-06-27
plugin id 87241
published 2015-12-08
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=87241
title Apache Traffic Server 5.3.x < 5.3.2 HTTP2 Multiple Vulnerabilities
refmap via4
mlist [www-announce] 20150914 [ANNOUNCE] Apache Traffic Server 5.3.2 is released!
Last major update 13-09-2017 - 12:29
Published 13-09-2017 - 12:29
Last modified 21-09-2017 - 14:39
Back to Top