Cyber Security News

New Apache Traffic Server Flaws Allow Malformed Request Exploits

The Apache Software Foundation has disclosed several vulnerabilities affecting its Traffic Server software.

These vulnerabilities allow malicious actors to exploit malformed requests and access control list (ACL) issues, posing serious security risks to users.

The vulnerabilities, identified by CVE numbers CVE-2024-38311CVE-2024-56195CVE-2024-56196, and CVE-2024-56202, have been reported by various researchers and affect multiple versions of the Apache Traffic Server.

Description of Vulnerabilities

  1. CVE-2024-38311 (Request Smuggling via Pipelining After a Chunked Message Body): This vulnerability allows an attacker to perform request smuggling by exploiting how pipelined requests are handled after a chunked message body. This could lead to unauthorized access or manipulation of data.
  2. CVE-2024-56195 (Intercept Plugins Not Access Controlled): Intercept plugins in Apache Traffic Server are not properly access-controlled, which means that unauthorized users might be able to execute these plugins, potentially compromising system security.
  3. CVE-2024-56196 (ACL Not Fully Compatible with Older Versions): This vulnerability highlights an issue where ACL functionality is not fully compatible with older versions of the software. This could lead to inconsistent access controls across different versions, creating potential security holes.
  4. CVE-2024-56202 (Expect Header Field Can Unreasonably Retain Resource): The Expect header field can cause resources to be held unnecessarily, potentially leading to resource exhaustion and denial-of-service attacks.

Affected Versions and Mitigation

The vulnerabilities affect Apache Traffic Server versions 9.0.0 through 9.2.8, as well as versions 10.0.0 to 10.0.3. Users are advised to upgrade their installations to mitigate these risks. Specifically:

  • Users of ATS versions 9.x should upgrade to version 9.2.9 or later.
  • Users of ATS versions 10.x should upgrade to version 10.0.4 or later.

These vulnerabilities underscore the importance of maintaining updated software to protect against emerging threats.

The Apache Software Foundation’s prompt disclosure and mitigation guidance offer users a clear path to securing their systems.

As the cybersecurity landscape continues to evolve, vigilance and proactive updates remain crucial for preventing exploitation by malicious actors.

Are you from SOC/DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free.

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets

A new project has exposed a critical attack vector that exploits protocol vulnerabilities to disrupt…

1 day ago

Threat Actor Sells Burger King Backup System RCE Vulnerability for $4,000

A threat actor known as #LongNight has reportedly put up for sale remote code execution…

1 day ago

Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability

Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile…

1 day ago

Hackers Target macOS Users with Fake Ledger Apps to Deploy Malware

Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular application…

1 day ago

EU Targets Stark Industries in Cyberattack Sanctions Crackdown

The European Union has escalated its response to Russia’s ongoing campaign of hybrid threats, announcing…

1 day ago

Venice.ai’s Unrestricted Access Sparks Concerns Over AI-Driven Cyber Threats

Venice.ai has rapidly emerged as a disruptive force in the AI landscape, positioning itself as…

1 day ago