CVE-2012-0256

EPSS 1.6%

Published: 3/26/2012Modified: 4/28/2026

Description

Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before 3.1.3 does not properly allocate heap memory, which allows remote attackers to cause a denial of service (daemon crash) via a long HTTP Host header.

Affected packages (1)

Debian/trafficserverfrom 0, < 3.0.4-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-0256