FKIE_CVE-2017-7670

Vulnerability from fkie_nvd - Published: 2017-07-10 18:29 - Updated: 2025-04-20 01:37
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is restarted. If connections remain in the ESTABLISHED state indefinitely and accumulate in number to match the size of the thread pool dedicated to processing DNS requests, the thread pool becomes exhausted. Once the thread pool is exhausted, Traffic Router is unable to service any DNS request, regardless of transport protocol.
References
security@apache.orghttps://lists.apache.org/thread.html/42b207e9f526353b504591684bd02a5e9fcb4b8f28534253d07740a0%40%3Cusers.trafficcontrol.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/bb09fc29e9c2ee85b118a3d5748a8a523d30cf691ff8b606c6a1748c%40%3Ccommits.trafficcontrol.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r3c675031ac220b5eae64a9c84a03ee60045c6045738607dca4a96cb8%40%3Ccommits.trafficcontrol.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/42b207e9f526353b504591684bd02a5e9fcb4b8f28534253d07740a0%40%3Cusers.trafficcontrol.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/bb09fc29e9c2ee85b118a3d5748a8a523d30cf691ff8b606c6a1748c%40%3Ccommits.trafficcontrol.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r3c675031ac220b5eae64a9c84a03ee60045c6045738607dca4a96cb8%40%3Ccommits.trafficcontrol.apache.org%3E
Impacted products
Vendor Product Version
apache traffic_control *
apache traffic_control 1.8.1
apache traffic_control 2.0.0
apache traffic_control 2.0.0
apache traffic_control 2.0.0
apache traffic_control 2.0.0
apache traffic_control 2.0.0
apache traffic_control 2.0.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:traffic_control:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DBD0BDC-FE45-4783-836C-98AC3C1AD582",
              "versionEndIncluding": "1.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:traffic_control:1.8.1:rc0:*:*:*:*:*:*",
              "matchCriteriaId": "7C7D341B-4BCD-4040-9539-0B3D3BF489AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:traffic_control:2.0.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "F4A5940F-5AF1-4E6A-8D40-800C402188DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:traffic_control:2.0.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "A07F5552-C1D7-4D61-A7EA-FACE14BFB707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:traffic_control:2.0.0:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "CF329CC2-2B4C-46B7-AAB3-5902C66731C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:traffic_control:2.0.0:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "FAA4DE4E-41E9-4D6A-824A-259A10C58A33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:traffic_control:2.0.0:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "A5A0F919-6FA5-4C28-B840-E605C7EA1C43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:traffic_control:2.0.0:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "C6EA36D0-C636-4D8F-96B3-77BF5266D9B2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is restarted. If connections remain in the ESTABLISHED state indefinitely and accumulate in number to match the size of the thread pool dedicated to processing DNS requests, the thread pool becomes exhausted. Once the thread pool is exhausted, Traffic Router is unable to service any DNS request, regardless of transport protocol."
    },
    {
      "lang": "es",
      "value": "El componente Traffic Router del proyecto Apache Traffic Control en incubaci\u00f3n es vulnerable a un ataque de denegaci\u00f3n de servicio de estilo Slowloris. Las conexiones TCP realizadas en el puerto DNS configurado permanecer\u00e1n en el estado ESTABLISHED hasta que el cliente cierre expl\u00edcitamente la conexi\u00f3n o se reinicie Traffic Router. Si las conexiones permanecen en el estado ESTABLISHED indefinidamente y se acumulan en n\u00famero para que coincida con el tama\u00f1o del grupo hilo (subprocesos) dedicado al procesamiento de peticiones DNS, el grupo hilo (subprocesos) se agota. Una vez que se agota el grupo de hilo (subprocesos), Traffic Router no puede atender ninguna petici\u00f3n DNS, independientemente del protocolo de transporte."
    }
  ],
  "id": "CVE-2017-7670",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-10T18:29:00.253",
  "references": [
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/42b207e9f526353b504591684bd02a5e9fcb4b8f28534253d07740a0%40%3Cusers.trafficcontrol.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/bb09fc29e9c2ee85b118a3d5748a8a523d30cf691ff8b606c6a1748c%40%3Ccommits.trafficcontrol.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/r3c675031ac220b5eae64a9c84a03ee60045c6045738607dca4a96cb8%40%3Ccommits.trafficcontrol.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/42b207e9f526353b504591684bd02a5e9fcb4b8f28534253d07740a0%40%3Cusers.trafficcontrol.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/bb09fc29e9c2ee85b118a3d5748a8a523d30cf691ff8b606c6a1748c%40%3Ccommits.trafficcontrol.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r3c675031ac220b5eae64a9c84a03ee60045c6045738607dca4a96cb8%40%3Ccommits.trafficcontrol.apache.org%3E"
    }
  ],
  "sourceIdentifier": "security@apache.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.