Lucene search
K

18 matches found

Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.9 views

Ubuntu 16.04 ESM : Varnish vulnerability (USN-4824-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4824-1 advisory. It was discovered that Varnish incorrectly handled certain inputs. A remote attacker could possibly use this issue to obtain sensitive information. Tenable has...

9.1CVSS7.2AI score0.04084EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2017-0435)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS9.3AI score0.04084EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.23 views

Fedora 27 : varnish (2017-72b50be8d4)

Security fix for CVE-2017-8807: This fixes a possible data leak in stevedore transient objects in varnishd. Upstream reports: 'It is not inconceiveable that an attack can provoke this situation on vulnerable varnishd instances, where the leaked memory contains confidential data and therefore we...

9.1CVSS7.2AI score0.04084EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/12/04 12:0 a.m.29 views

FreeBSD : varnish -- information disclosure vulnerability (17133e7e-d764-11e7-b5af-a4badb2f4699)

Varnish reports : A wrong if statement in the varnishd source code means that synthetic objects in stevedores which over-allocate, may leak up to page size of data from a malloc3 memory allocation. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...

9.1CVSS7.2AI score0.04084EPSS
Exploits0References3
Mageia
Mageia
added 2017/12/01 11:13 p.m.30 views

Updated varnish packages fix security vulnerability

vbfstperror in bin/varnishd/cache/cachefetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFPGetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore...

9.1CVSS3.6AI score0.04084EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2017/11/28 12:0 a.m.20 views

Fedora Update for varnish FEDORA-2017-5525b6cb5a

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS9.3AI score0.04084EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2017/11/28 12:0 a.m.26 views

Fedora Update for varnish FEDORA-2017-72b50be8d4

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS9.3AI score0.04084EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2017/11/28 12:0 a.m.23 views

Fedora Update for varnish FEDORA-2017-8575fbfe90

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS9.3AI score0.04084EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/11/28 12:0 a.m.50 views

Fedora 26 : varnish (2017-5525b6cb5a)

Security fix for CVE-2017-8807: This fixes a possible data leak in stevedore transient objects in varnishd. Upstream reports: 'It is not inconceiveable that an attack can provoke this situation on vulnerable varnishd instances, where the leaked memory contains confidential data and therefore we...

9.1CVSS7.2AI score0.04084EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/11/28 12:0 a.m.24 views

Fedora 25 : varnish (2017-8575fbfe90)

Security fix for CVE-2017-8807: This fixes a possible data leak in stevedore transient objects in varnishd. Upstream reports: 'It is not inconceiveable that an attack can provoke this situation on vulnerable varnishd instances, where the leaked memory contains confidential data and therefore we...

9.1CVSS7.2AI score0.04084EPSS
Exploits0References2
ArchLinux
ArchLinux
added 2017/11/26 12:0 a.m.26 views

[ASA-201711-29] varnish: information disclosure

Arch Linux Security Advisory ASA-201711-29 ========================================== Severity: Medium Date : 2017-11-26 CVE-ID : CVE-2017-8807 Package : varnish Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-502 Summary ======= The package varnish before...

9.1CVSS1.1AI score0.04084EPSS
Exploits0References6
NVD
NVD
added 2017/11/16 2:29 a.m.20 views

CVE-2017-8807

vbfstperror in bin/varnishd/cache/cachefetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFPGetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore...

9.1CVSS9.1AI score0.04084EPSS
Exploits0References6
OSV
OSV
added 2017/11/16 2:29 a.m.27 views

CVE-2017-8807

vbfstperror in bin/varnishd/cache/cachefetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFPGetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore...

9.1CVSS9.2AI score
Exploits0References6
UbuntuCve
UbuntuCve
added 2017/11/16 2:29 a.m.32 views

CVE-2017-8807

vbfstperror in bin/varnishd/cache/cachefetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFPGetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore...

9.1CVSS6.9AI score0.04084EPSS
Exploits0References6
CVE
CVE
added 2017/11/16 2:0 a.m.486 views

CVE-2017-8807

Varnish Cache CVE-2017-8807 affects 4.1.x before 4.1.9 and 5.x before 5.2.1. The flaw is in vbf_stp_error in bin/varnishd/cache/cache_fetch.c where a VFP_GetStorage buffer is larger than intended during -sfile Stevedore transient objects, allowing remote attackers to read memory from the process....

9.1CVSS8.8AI score0.04084EPSS
Exploits0References6Affected Software2
Debian CVE
Debian CVE
added 2017/11/16 2:0 a.m.18 views

CVE-2017-8807

vbfstperror in bin/varnishd/cache/cachefetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFPGetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore...

9.1CVSS7.1AI score0.04084EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/11/16 12:0 a.m.29 views

Debian DSA-4034-1 : varnish - security update

'shamger' and Carlo Cannas discovered that a programming error in Varnish, a state of the art, high-performance web accelerator, may result in disclosure of memory contents or denial of service. See https://varnish-cache.org/security/VSV00002.html for details. %NASLMINLEVEL 70300 C Tenable Networ...

9.1CVSS7AI score0.04084EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2017/11/15 3:24 p.m.26 views

CVE-2017-8807

vbfstperror in bin/varnishd/cache/cachefetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFPGetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore...

9.1CVSS3.9AI score0.04084EPSS
Exploits0References2
Rows per page
Query Builder