CVE-2023-33934
Apache Traffic Server: Differential fuzzing for HTTP request parsing discrepancies
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: through 9.2.1.
We have discovered 1,404 live websites that are affected by CVE-2023-33934.
Affected Software
| Product |  ATS |
| Category | Web Servers |
| Vulnerable Versions |
|
| Total Vulnerable Versions | 41 |
| Vulnerable Domains | 1,404 live websites (83.52% of ATS install base) |
Common Weakness Enumeration
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2023-33934 and the relative popularity of websitesDetails
- Published - Aug 9, 2023
- Updated - Sep 28, 2023
Credits
- Bahruz Jabiyev, Anthony Gavazzi, Engin Kirda, Kaan Onarlioglu, Adi Peleg, Harvey Tuch (finder)
CWE
CVE References
CWE References
Countries
 United States | 407 websites |
 China | 488 websites |
 Germany | 218 websites |
 Switzerland | 66 websites |
 Italy | 57 websites |
 France | 32 websites |
 GB | 27 websites |
 Romania | 23 websites |
 Finland | 12 websites |
 Netherlands | 11 websites |
TLDs
| .com.cn | 405 websites |
| .org | 298 websites |
| .com | 207 websites |
| .info | 93 websites |
| .cn | 60 websites |
| .ch | 54 websites |
| .it | 39 websites |
| .de | 31 websites |
| .net | 26 websites |
| .fi | 10 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redGeographical Distribution
The distribution of websites across the globe that are exposed to CVE-2023-33934 through included software libraries and plugins.References
- https://lists.apache.org/thread/jsl6dfdgs1mjjo1mbtyflyjr7xftswhc
- https://lists.fedoraproject.org/archives/list/[email protected]/message/BOTOM2MFKOLK46Q3BQHO662HTPZFRQUC/
- https://lists.debian.org/debian-lts-announce/2023/09/msg00042.html
- https://www.debian.org/security/2023/dsa-5549
Websites affected by CVE-2023-33934
Top websites that are affected by CVE-2023-33934. Please click on the "Contact us" button above to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| **.*********.org | United States | ** | |
| *******.*********.org | United States | *** | |
| *.*******.cn | China | *,*** | |
| ***.*********.org | United States | *,*** | |
| **.*********.org | United States | *,*** | |
| ****.***.cn | China | *,*** | |
| ***.****.***.cn | China | *,*** | |
| **.*********.org | United States | *,*** | |
| **.*.*********.org | United States | *,*** | |
| ****.*********.org | United States | *,*** |