vulnerability
Ubuntu: (CVE-2017-5659): trafficserver vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Apr 17, 2017 | Jun 26, 2025 | Jul 28, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Apr 17, 2017
Added
Jun 26, 2025
Modified
Jul 28, 2025
Description
Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding.
Solution
no-fix-ubuntu-package
References
- CVE-2017-5659
- https://attackerkb.com/topics/CVE-2017-5659
- URL-http://www.openwall.com/lists/oss-security/2017/04/17/8
- URL-https://github.com/apache/trafficserver/commit/9b7189fbc0cf1f9bbd29f5510fd308a69016159e
- URL-https://github.com/apache/trafficserver/commit/e0664e4ce6ad337dac6977c305868357894303fe
- URL-https://issues.apache.org/jira/browse/TS-4507
- URL-https://issues.apache.org/jira/browse/TS-4819
- URL-https://www.cve.org/CVERecord?id=CVE-2017-5659
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.