4 matches found
CVE-2009-2936
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/varnish/varnishclifileread.rb 2018-05-29 15:50:33+00:00| seen|...
Fedora 13 : varnish-2.1.0-2.fc13 (2010-6719)
Upgrade to new upstream release 2.1.0. This upgrade is important because - The previous 2.0 series will be discontinued within the lifetime of F-13 - 2.1.0 contains a fix for CVE-2009-2936. It is not probably that upstream will backport this fix for the 2.0 series These changes should be importan...
CVE-2009-2936
The Command Line Interface aka Server CLI or administration interface in the master process in the reverse proxy server in Varnish before 2.1.0 does not require authentication for commands received through a TCP port, which allows remote attackers to 1 execute arbitrary code via a vcl.inline...
Medium security hole in Varnish reverse proxy
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Nth Dimension Security Advisory NDSA20090908 Date: 26th September 2009 Author: Tim Brown mailto:[email protected] URL: http://www.nth-dimension.org.uk/ / http://www.machine.org.uk/ Product: Varnish 2.0.4 http://www.varnish-cache.org/ Vendor:...