Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2017/08/15 12:0 a.m.21 views

Fedora 26 : varnish (2017-8f4fba5afa)

New upstream release. This is a security release with a fix for CVE-2017-12425, a crash bug that might be used in a denial of service attack. Details from the upstream project are found here : http://varnish-cache.org/security/VSV00001.html Note that Tenable Network Security has extracted the...

7.5CVSS7.1AI score0.02416EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2017/08/04 10:18 a.m.21 views

CVE-2017-12425

An integer overflow flaw, leading to assertion failure, was found in the way Varnish handled chunk sizes in HTTP requests. A remote attacker could use this flaw to make the Varnish daemon restart unexpectedly due to an assertion failure by sending a specially crafted HTTP request...

7.5CVSS1.5AI score0.02416EPSS
Exploits0References2
CVE
CVE
added 2017/08/04 9:0 a.m.164 views

CVE-2017-12425

Varnish HTTP Cache contains a denial-of-service vulnerability (CVE-2017-12425) due to a wrong if statement in varnishd that can cause an assertion when processing invalid client requests. This bug affects multiple releases: 4.0.1–4.0.4, 4.1.0–4.1.7, 5.0.0, and 5.1.0–5.1.2. Exploitation leads to t...

7.5CVSS7.2AI score0.02416EPSS
Exploits0References6Affected Software2
Tenable Nessus
Tenable Nessus
added 2017/08/03 12:0 a.m.20 views

Debian DSA-3924-1 : varnish - security update

A denial of service vulnerability was discovered in Varnish, a state of the art, high-performance web accelerator. Specially crafted HTTP requests can cause the Varnish daemon to assert and restart, clearing the cache in the process. See https://varnish-cache.org/security/VSV00001.html for detail...

7.5CVSS7.2AI score0.02416EPSS
Exploits0References6
Rows per page
Query Builder