Debian Security Advisory 2814-1

Debian Security Advisory 2814-1: Posted Dec 10, 2013; Authored by Debian | Site debian.org; Debian Linux Security Advisory 2814-1 - A denial of service vulnerability was reported in varnish, a state of the art, high-performance web accelerator. With some configurations of varnish a remote attacker could mount a denial of service (child-process crash and temporary caching outage) via a GET request with trailing whitespace characters and no URI.; tags | advisory, remote, web, denial of service; systems | linux, debian; advisories | CVE-2013-4484; SHA-256 | 6d9b196bb178599d75a77ee1dee4a7a1609b587bc3f0fb2f12f26dd4e6929a51; Download | Favorite | View

Debian Security Advisory 2814-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2814-1                   security@debian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
December 09, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : varnish
Vulnerability  : denial of service
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-4484
Debian Bug     : 728989

A denial of service vulnerability was reported in varnish, a state of
the art, high-performance web accelerator. With some configurations of
varnish a remote attacker could mount a denial of service (child-process
crash and temporary caching outage) via a GET request with trailing
whitespace characters and no URI.

For the oldstable distribution (squeeze), this problem has been fixed in
version 2.1.3-8+deb6u1.

For the stable distribution (wheezy), this problem has been fixed in
version 3.0.2-2+deb7u1.

For the unstable distribution (sid), this problem has been fixed in
version 3.0.5-1.

We recommend that you upgrade your varnish packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)

iQIcBAEBCgAGBQJSpfg2AAoJEAVMuPMTQ89EDMgP/RvQOW2J6oQ9aPrTD1t4EoXS
Af1aADwLiQ6+2yRLEkFJaC3X3vBykFNHH0JniwDqQRKNE17MSZGFZpzCJVU1l1I/
e9xKKSENY17QLSLTBKX2fzXpO6TeU/jYIq/NID6G+PDcDPwP0tfVdZhQcphmUoEs
yrTPjW/CFFOXhEqMG+rlCL9zJA4lRrEt80CIKgpQw/c7DZcxGn34qG8rhlOiXlYu
xdyXeHxWZXsIxhIq5xvlk8++VooDpQm5ElpHBNjgQBqRXTFRo5EAJzIgTdUbopJE
dmJntf+Hy2KZBvx9j+NHjrtbFWwEKM44eC1hYmJTg2RWa/H9CwrGgc2hhcPoiYX0
2hWvj3soP/Pf8fYtMNUW5O6rTyi3YfLXJQVH6p0lRsK/tPcEgRRqiabLiIVlRcc6
4OJ5h7tWMfBYOQzyWs3i6thyJFa7mTJGht0lI4kg/txt58pG+PP6BGylMYlwZtYl
/ZsYsb1F1vwRm1G2wdB7j34YryENgdqVZAlF1scABJ2xLbRND9xGhcY4NXZxkE9X
szsInEtu1OEy8jWUGzaGqEVMMn05jLpsk9MNV68qGU8qloNfxtYnR6xDHmhRozv/
rIHWuLEkuxLAbHEHg9oi8tv1L8uCQq2lCYS3N7wswZg40CD4Tm5vf4Yioyv/oz2H
GyHEwYj1T49z8TivpTPm
=bn70
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 269 files
Ubuntu 98 files
indoushka 37 files
Gentoo 29 files
Jasper Nota 25 files
Willem Westerhof 19 files
Debian 12 files
Jim Blankendaal 11 files
Apple 10 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,084)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,534)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,560)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,418)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,704)
UNIX (9,432)
UnixWare (187)
Windows (6,668)
Other

Debian Security Advisory 2814-1

Debian Security Advisory 2814-1

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 2814-1

Share This

Debian Security Advisory 2814-1

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems