full disclosure reports

Wed Mar 6 16:07:37 CET 2013

For the record, I have added #1274 and #1275 in trac for the last two:

https://www.varnish-cache.org/trac/ticket/1274
https://www.varnish-cache.org/trac/ticket/1275

On Wed, Mar 6, 2013 at 3:41 PM, Nils Goroll <slink at schokola.de> wrote:

> FYI:
>
> * http://www.gossamer-threads.**com/lists/fulldisc/full-**disclosure/89110<http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/89110>
>   -> looks like https://www.varnish-cache.org/**trac/ticket/927<https://www.varnish-cache.org/trac/ticket/927>at first sight
>
> * http://www.gossamer-threads.**com/lists/fulldisc/full-**disclosure/89115<http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/89115>
>   -> another one with ridiculously high Content-Length
>
> these ones are also reported for 3.0.3 and look like genuine issues to me:
>
> * http://www.gossamer-threads.**com/lists/fulldisc/full-**disclosure/89113<http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/89113>
>   -> new report? (does not look like a new issue to me regarding GetHdr,
>      but in the context of Vary parsing)
>
> * http://www.gossamer-threads.**com/lists/fulldisc/full-**disclosure/89107<http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/89107>
>   -> Vary parsing
>
> IIUC to exploit any of these one would need access to a backend or at
> least some way to make a backend produce certain response headers.
>
> Nils
>
> ______________________________**_________________
> varnish-dev mailing list
> varnish-dev at varnish-cache.org
> https://www.varnish-cache.org/**lists/mailman/listinfo/**varnish-dev<https://www.varnish-cache.org/lists/mailman/listinfo/varnish-dev>
>

-- 
  <http://www.varnish-software.com>  *Dag Haavi Finstad*
Developer | Varnish Software AS
Phone: +47 21 98 92 60
We Make Websites Fly!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-dev/attachments/20130306/7e21d39a/attachment.html>