ALT-PU-2016-2235-1
Closed vulnerabilities
BDU:2015-09681
Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Modified: 2024-11-21
CVE-2013-0179
The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr.
- 56183
- 56183
- [oss-security] 20130114 CVE request: memcached DoS when printing out keys to be deleted in verbose mode
- [oss-security] 20130114 CVE request: memcached DoS when printing out keys to be deleted in verbose mode
- [oss-security] 20130114 Re: CVE request: memcached DoS when printing out keys to be deleted in verbose mode
- [oss-security] 20130114 Re: CVE request: memcached DoS when printing out keys to be deleted in verbose mode
- 64978
- 64978
- USN-2080-1
- USN-2080-1
- https://bugzilla.redhat.com/show_bug.cgi?id=895054
- https://bugzilla.redhat.com/show_bug.cgi?id=895054
- https://code.google.com/p/memcached/issues/attachmentText?id=306&aid=3060004000&name=0001-Fix-buffer-overrun-when-logging-key-to-delete-in-bin.patch&token=3GEzHThBL5cxmUrsYANkW03RrNY%3A1358179503096
- https://code.google.com/p/memcached/issues/attachmentText?id=306&aid=3060004000&name=0001-Fix-buffer-overrun-when-logging-key-to-delete-in-bin.patch&token=3GEzHThBL5cxmUrsYANkW03RrNY%3A1358179503096
- https://code.google.com/p/memcached/issues/detail?id=306
- https://code.google.com/p/memcached/issues/detail?id=306
- https://code.google.com/p/memcached/wiki/ReleaseNotes1417
- https://code.google.com/p/memcached/wiki/ReleaseNotes1417
Modified: 2024-11-21
CVE-2013-7239
memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials.
- [oss-security] 20131230 Re: CVE Request: SASL authentication allows wrong credentials to access memcache
- [oss-security] 20131230 Re: CVE Request: SASL authentication allows wrong credentials to access memcache
- 56183
- 56183
- DSA-2832
- DSA-2832
- 64559
- 64559
- USN-2080-1
- USN-2080-1
- https://code.google.com/p/memcached/wiki/ReleaseNotes1417
- https://code.google.com/p/memcached/wiki/ReleaseNotes1417
Modified: 2024-11-21
CVE-2013-7290
The do_item_get function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr, a different vulnerability than CVE-2013-0179.
Modified: 2024-11-21
CVE-2013-7291
memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a request that triggers an "unbounded key print" during logging, related to an issue that was "quickly grepped out of the source tree," a different vulnerability than CVE-2013-0179 and CVE-2013-7290.
Modified: 2024-11-21
CVE-2016-8704
An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
Modified: 2024-11-21
CVE-2016-8705
Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
Modified: 2024-11-21
CVE-2016-8706
An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.