

DoS vulnerability in #Varnish HTTP cache software. - ruben_varnish
https://www.varnish-cache.org/lists/pipermail/varnish-announce/2013-October/000686.html

======
gopalv
This is really going to be more of a cache-flush issue, considering how
quickly it will recover.

Bouncing the front-end is likely to expose the backend (say, a php site) to
the traffic load usually handled by varnish. This is likely to bring that (and
its db, etc) down very quickly.

But the good news is that all you need to do is ship a new vcl file and
there's no need to patch/rebuild varnishd binaries.

------
ruben_varnish
Discuss here or on Twitter >
[https://twitter.com/bsdphk/status/395605262024732672](https://twitter.com/bsdphk/status/395605262024732672)

