CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. • https://github.com/imabee101/CVE-2023-44487 https://github.com/studiogangster/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/sigridou/CVE-2023-44487- https://github.com/ByteHackr/CVE-2023-44487 https://github.com/ReToCode/golang-CVE-2023-44487 http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www. • CWE-400: Uncontrolled Resource Consumption •
CVE-2013-4090
https://notcve.org/view.php?id=CVE-2013-4090
Varnish HTTP cache before 3.0.4: ACL bug Varnish HTTP cache versiones anteriores a 3.0.4: Un error de la Lista de Control de Acceso ACL. • https://www.varnish-cache.org/lists/pipermail/varnish-announce/2013-June/000684.html •
CVE-2015-8852
https://notcve.org/view.php?id=CVE-2015-8852
Varnish 3.x before 3.0.7, when used in certain stacked installations, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a header line terminated by a \r (carriage return) character in conjunction with multiple Content-Length headers in an HTTP request. Varnish 3.x en versiones anteriores a 3.0.7, cuando se utiliza en ciertas instalaciones apiladas, permite a atacantes remotos inyectar cabeceras HTTP arbitrarias y llevar a cabo ataques de separación de respuesta HTTP a través de una línea de cabecera terminada por un carácter \r (retorno de carro) en conjunción con múltiples cabeceras Content-Length en una petición HTTP. • http://lists.opensuse.org/opensuse-updates/2016-05/msg00064.html http://www.debian.org/security/2016/dsa-3553 http://www.openwall.com/lists/oss-security/2016/04/16/1 http://www.openwall.com/lists/oss-security/2016/04/18/7 https://github.com/varnish/Varnish-Cache/commit/29870c8fe95e4e8a672f6f28c5fbe692bea09e9c https://github.com/varnish/Varnish-Cache/commit/85e8468bec9416bd7e16b0d80cb820ecd2b330c3 https://security.gentoo.org/glsa/201607-10 https://www.varnish-cache.org/lists/pipermail/varnish-announce •
CVE-2013-4484 – Varnish Cache Denial Of Service
https://notcve.org/view.php?id=CVE-2013-4484
Varnish before 3.0.5 allows remote attackers to cause a denial of service (child-process crash and temporary caching outage) via a GET request with trailing whitespace characters and no URI. Vulnerablilidad en Varnish antes de 3.0.5 permite a atacantes remotos provocar una denegación de servicio (caída del proceso hijo y corte de caché temporal) a través de una solicitud GET con espacios en blanco finales y sin URI. If Varnish receives a certain illegal request, and the subroutine 'vcl_error{}' restarts the request, the varnishd worker process will crash with an assert. The varnishd management process will restart the worker process, but there will be a brief interruption of service and the cache will be emptied, causing more traffic to go to the backend. Versions 2.0.x, 2.1.x, and 3.0.x are affected. • http://archives.neohapsis.com/archives/bugtraq/2013-10/0158.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00029.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00033.html http://secunia.com/advisories/55452 http://secunia.com/advisories/55746 http://www.debian.org/security/2012/dsa-2814 http://www.openwall.com/lists/oss-security/2013/10/30/5 https://www.varnish-cache.org/trac/ticket/1367 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •