Apache Traffic Server Host Header Processing Flaw Lets Remote Users Deny Service
Versions prior to 3.0.4 and 3.1.3
A vulnerability was reported in Apache Traffic Server. A remote user can cause denial of service conditions.
A remote user can send a request with a specially crafted 'Host' header value to trigger a heap allocation error and cause the target service to crash.
A remote user can cause the target service to crash.
The vendor has issued a fix (3.0.4, 3.1.3).