CVE-2017-7670 - OpenCVE

The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is restarted. If connections remain in the ESTABLISHED state indefinitely and accumulate in number to match the size of the thread pool dedicated to processing DNS requests, the thread pool becomes exhausted. Once the thread pool is exhausted, Traffic Router is unable to service any DNS request, regardless of transport protocol.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Apache	Traffic Control

Configuration 1 [-]

OR	cpe:2.3:a:apache:traffic_control::::::::
	cpe:2.3:a:apache:traffic_control:1.8.1:rc0::::::
	cpe:2.3:a:apache:traffic_control:2.0.0:rc1::::::
	cpe:2.3:a:apache:traffic_control:2.0.0:rc2::::::
	cpe:2.3:a:apache:traffic_control:2.0.0:rc3::::::
	cpe:2.3:a:apache:traffic_control:2.0.0:rc4::::::
	cpe:2.3:a:apache:traffic_control:2.0.0:rc5::::::
	cpe:2.3:a:apache:traffic_control:2.0.0:rc6::::::

References

Link	Resource
https://lists.apache.org/thread.html/42b207e9f526353b504591684bd02a5e9fcb4b8f28534253d07740a0%40%3Cusers.trafficcontrol.apache.org%3E
https://lists.apache.org/thread.html/bb09fc29e9c2ee85b118a3d5748a8a523d30cf691ff8b606c6a1748c%40%3Ccommits.trafficcontrol.apache.org%3E
https://lists.apache.org/thread.html/r3c675031ac220b5eae64a9c84a03ee60045c6045738607dca4a96cb8%40%3Ccommits.trafficcontrol.apache.org%3E

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: apache

Published: 2017-07-07T00:00:00

Updated: 2021-06-16T20:06:13

Reserved: 2017-04-11T00:00:00

Link: CVE-2017-7670

JSON object: View

NVD Information

Status : Modified

Published: 2017-07-10T18:29:00.253

Modified: 2023-11-07T02:50:14.560

Link: CVE-2017-7670

JSON object: View

Redhat Information

No data.

CWE

CWE-400

{"containers": {"cna": {"affected": [{"product": "Apache Traffic Control", "vendor": "Apache Software Foundation", "versions": [{"status": "affected", "version": "1.8.0 incubating"}, {"status": "affected", "version": "2.0.0 RC0 incubating"}]}], "datePublic": "2017-07-07T00:00:00", "descriptions": [{"lang": "en", "value": "The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is restarted. If connections remain in the ESTABLISHED state indefinitely and accumulate in number to match the size of the thread pool dedicated to processing DNS requests, the thread pool becomes exhausted. Once the thread pool is exhausted, Traffic Router is unable to service any DNS request, regardless of transport protocol."}], "problemTypes": [{"descriptions": [{"description": "Denial of Service", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-06-16T20:06:13", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache"}, "references": [{"name": "[users] 20170707 Apache Traffic Control Traffic Router Slowloris Denial of Service Vulnerability - CVE-2017-7670", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/42b207e9f526353b504591684bd02a5e9fcb4b8f28534253d07740a0%40%3Cusers.trafficcontrol.apache.org%3E"}, {"name": "[trafficcontrol-commits] 20190906 [trafficcontrol-website] branch asf-site updated: Adds CVE-2019-12405 to security page", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/bb09fc29e9c2ee85b118a3d5748a8a523d30cf691ff8b606c6a1748c%40%3Ccommits.trafficcontrol.apache.org%3E"}, {"name": "[trafficcontrol-commits] 20210616 [trafficcontrol-website] branch asf-site updated: Fix CVE-2020-17522 link", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r3c675031ac220b5eae64a9c84a03ee60045c6045738607dca4a96cb8%40%3Ccommits.trafficcontrol.apache.org%3E"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "DATE_PUBLIC": "2017-07-07T00:00:00", "ID": "CVE-2017-7670", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache Traffic Control", "version": {"version_data": [{"version_value": "1.8.0 incubating"}, {"version_value": "2.0.0 RC0 incubating"}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is restarted. If connections remain in the ESTABLISHED state indefinitely and accumulate in number to match the size of the thread pool dedicated to processing DNS requests, the thread pool becomes exhausted. Once the thread pool is exhausted, Traffic Router is unable to service any DNS request, regardless of transport protocol."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Denial of Service"}]}]}, "references": {"reference_data": [{"name": "[users] 20170707 Apache Traffic Control Traffic Router Slowloris Denial of Service Vulnerability - CVE-2017-7670", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/42b207e9f526353b504591684bd02a5e9fcb4b8f28534253d07740a0@%3Cusers.trafficcontrol.apache.org%3E"}, {"name": "[trafficcontrol-commits] 20190906 [trafficcontrol-website] branch asf-site updated: Adds CVE-2019-12405 to security page", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/bb09fc29e9c2ee85b118a3d5748a8a523d30cf691ff8b606c6a1748c@%3Ccommits.trafficcontrol.apache.org%3E"}, {"name": "[trafficcontrol-commits] 20210616 [trafficcontrol-website] branch asf-site updated: Fix CVE-2020-17522 link", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r3c675031ac220b5eae64a9c84a03ee60045c6045738607dca4a96cb8@%3Ccommits.trafficcontrol.apache.org%3E"}]}}}}, "cveMetadata": {"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2017-7670", "datePublished": "2017-07-07T00:00:00", "dateReserved": "2017-04-11T00:00:00", "dateUpdated": "2021-06-16T20:06:13", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:traffic_control:*:*:*:*:*:*:*:*", "matchCriteriaId": "1DBD0BDC-FE45-4783-836C-98AC3C1AD582", "versionEndIncluding": "1.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:traffic_control:1.8.1:rc0:*:*:*:*:*:*", "matchCriteriaId": "7C7D341B-4BCD-4040-9539-0B3D3BF489AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:traffic_control:2.0.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "F4A5940F-5AF1-4E6A-8D40-800C402188DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:traffic_control:2.0.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "A07F5552-C1D7-4D61-A7EA-FACE14BFB707", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:traffic_control:2.0.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "CF329CC2-2B4C-46B7-AAB3-5902C66731C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:traffic_control:2.0.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "FAA4DE4E-41E9-4D6A-824A-259A10C58A33", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:traffic_control:2.0.0:rc5:*:*:*:*:*:*", "matchCriteriaId": "A5A0F919-6FA5-4C28-B840-E605C7EA1C43", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:traffic_control:2.0.0:rc6:*:*:*:*:*:*", "matchCriteriaId": "C6EA36D0-C636-4D8F-96B3-77BF5266D9B2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is restarted. If connections remain in the ESTABLISHED state indefinitely and accumulate in number to match the size of the thread pool dedicated to processing DNS requests, the thread pool becomes exhausted. Once the thread pool is exhausted, Traffic Router is unable to service any DNS request, regardless of transport protocol."}, {"lang": "es", "value": "El componente Traffic Router del proyecto Apache Traffic Control en incubaci\u00f3n es vulnerable a un ataque de denegaci\u00f3n de servicio de estilo Slowloris. Las conexiones TCP realizadas en el puerto DNS configurado permanecer\u00e1n en el estado ESTABLISHED hasta que el cliente cierre expl\u00edcitamente la conexi\u00f3n o se reinicie Traffic Router. Si las conexiones permanecen en el estado ESTABLISHED indefinidamente y se acumulan en n\u00famero para que coincida con el tama\u00f1o del grupo hilo (subprocesos) dedicado al procesamiento de peticiones DNS, el grupo hilo (subprocesos) se agota. Una vez que se agota el grupo de hilo (subprocesos), Traffic Router no puede atender ninguna petici\u00f3n DNS, independientemente del protocolo de transporte."}], "id": "CVE-2017-7670", "lastModified": "2023-11-07T02:50:14.560", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-07-10T18:29:00.253", "references": [{"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/42b207e9f526353b504591684bd02a5e9fcb4b8f28534253d07740a0%40%3Cusers.trafficcontrol.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/bb09fc29e9c2ee85b118a3d5748a8a523d30cf691ff8b606c6a1748c%40%3Ccommits.trafficcontrol.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r3c675031ac220b5eae64a9c84a03ee60045c6045738607dca4a96cb8%40%3Ccommits.trafficcontrol.apache.org%3E"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}]}