VSV00001 DoS vulnerability
Bug #1708553 reported by
Olav Groenaas Gjerde
This bug report is a duplicate of:
Bug #1708354: [CVE] Correctly handle bogusly large chunk sizes.
Edit
Remove
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| varnish (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
Bug Description
VSV00001 DoS vulnerability
CVE-<to be assigned, we couldn’t get one under embargo>
Date: 2017-08-02
A wrong if statement in the varnishd source code means that particular invalid requests from the client can trigger an assert.
This causes the varnishd worker process to abort and restart, loosing the cached contents in the process.
An attacker can therefore crash the varnishd worker process on demand and effectively keep it from serving content - a Denial-of-Service attack.
Mitigation is possible from VCL or by updating to a fixed version of Varnish Cache.
Versions affected
4.0.1 to 4.0.4
4.1.0 to 4.1.7
5.0.0
5.1.0 to 5.1.2
| information type: | Private Security → Public |
To post a comment you must log in.
