This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote Amazon Linux AMI host is missing a security update.
Varnish before 3.0.5 allows remote attackers to cause a denial of
service (child-process crash and temporary caching outage) via a GET
request with trailing whitespace characters and no URI.
varnish 3.0.3 uses world-readable permissions for the
/var/log/varnish/ directory and the log files in the directory, which
allows local users to obtain sensitive information by reading the
files. NOTE: some of these details are obtained from third party
See also :
Run 'yum update varnish' to update your system.
Risk factor :
Medium / CVSS Base Score : 5.0