FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

varnish -- Varnish HTTP Request Parsing Denial of Service

Affected packages
varnish < 2.0.1

Details

VuXML ID bcee3989-d106-4f60-948f-835375634710
Discovery 2008-10-17
Entry 2009-02-14
Modified 2009-02-15

SecurityFocus reports:

Varnish is prone to a remote denial-of-service vulnerability because the application fails to handle certain HTTP requests.

Successfully exploiting this issue allows remote attackers to crash the affected application denying further service to legitimate users.

References

Bugtraq ID 33712
URL http://secunia.com/advisories/33852/
URL http://varnish.projects.linpro.no/wiki/WikiStart