SysLog.gr

SysLog.gr

Varnish Cache Denial Of Service

If Varnish receives a certain illegal request, and the subroutine ‘vcl_error{}’ restarts the request, the varnishd worker process will crash with an assert. The varnishd management process will restart the worker process, but there will be a brief interruption of service and the cache will be emptied, causing more traffic to go to the backend. Versions 2.0.x, 2.1.x, and 3.0.x are affected…. If Varnish receives a certain illegal request, and the subroutine ‘vcl_error{}’ restarts the request, the varnishd worker process will crash with an assert. The varnishd management process will restart the worker process, but there will be a brief interruption of service and the cache will be emptied, causing more traffic to go to the backend. Versions 2.0.x, 2.1.x, and 3.0.x are affected.

Read more http://packetstormsecurity.com/files/123867/varnishcache-dos.txt

Comments are Closed

© 2019: SysLog.gr | Easy Theme by: D5 Creation | Powered by: WordPress