CVE-2017-12425 Information

Description

An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4 4.1.0 through 4.1.7 5.0.0 and 5.1.0 through 5.1.2. A wrong if statement in the varnishd source code means that particular invalid requests from the client can trigger an assert related to an Integer Overflow. This causes the varnishd worker process to abort and restart losing the cached contents in the process. An attacker can therefore crash the varnishd worker process on demand and effectively keep it from serving content - a Denial-of-Service attack. The specific source-code filename containing the incorrect statement varies across releases.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

http://www.debian.org/security/2017/dsa-3924 https://bugzilla.redhat.com/show_bug.cgi?id=1477222 https://bugzilla.suse.com/show_bug.cgi?id=1051917 https://github.com/varnishcache/varnish-cache/issues/2379 https://lists.debian.org/debian-security-announce/2017/msg00186.html https://www.varnish-cache.org/security/VSV00001.htmlvsv00001

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

7.5