The Varnish developers have recently announced a DoS vulnerability in Varnish (CVE-2013-4484) , if you’re using Varnish in your environment make sure you adjust your configurations to fix the vulnerability if you haven’t already.
In a test of our environment, we found many systems were protected by a default catch-all vcl_error already, but there were certainly systems that suffered. It’s a very easy issue to check for and reproduce:
# telnet failserver1 80 Trying 127.0.0.1... Connected to failserver1.example.com. Escape character is '^]'. GET Host: foo Connection closed by foreign host.
You will see the Varnish child dying in the system logs at the time:
Oct 31 14:11:51 failserver1 varnishd: Child (1712) died signal=6 Oct 31 14:11:51 failserver1 varnishd: child (2433) Started Oct 31 14:11:51 failserver1 varnishd: Child (2433) said Child starts
Make sure you go and apply the fix now, upstream advise applying a particular configuration change and haven’t released a code fix yet, so distributions are unlikely to be releasing an updated package to fix this for you any time soon.