Cross site request forgery (csrf)

DISPUTED The Command Line Interface aka Server CLI or administration interface in the master process in the reverse proxy server in Varnish before 2.1.0 does not require authentication for commands received through a TCP port, which allows remote attackers to 1 execute arbitrary code via a...

CVE-2009-2936

The Command Line Interface aka Server CLI or administration interface in the master process in the reverse proxy server in Varnish before 2.1.0 does not require authentication for commands received through a TCP port, which allows remote attackers to 1 execute arbitrary code via a vcl.inline...

CVE-2009-2936

The Command Line Interface aka Server CLI or administration interface in the master process in the reverse proxy server in Varnish before 2.1.0 does not require authentication for commands received through a TCP port, which allows remote attackers to 1 execute arbitrary code via a vcl.inline...

CVE-2009-2936

DISPUTED The Command Line Interface aka Server CLI or administration interface in the master process in the reverse proxy server in Varnish before 2.1.0 does not require authentication for commands received through a TCP port, which allows remote attackers to 1 execute arbitrary code via a...

Medium security hole in Varnish reverse proxy

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Nth Dimension Security Advisory NDSA20090908 Date: 26th September 2009 Author: Tim Brown mailto:[email protected] URL: http://www.nth-dimension.org.uk/ / http://www.machine.org.uk/ Product: Varnish 2.0.4 http://www.varnish-cache.org/ Vendor:...