CVE-2013-7239

Related Files

Gentoo Linux Security Advisory 201406-13

Posted Jun 16, 2014

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201406-13 - Multiple vulnerabilities have been found in memcached, allowing remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 1.4.17 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2009-2415, CVE-2011-4971, CVE-2013-0179, CVE-2013-7239, CVE-2013-7290, CVE-2013-7291

SHA-256 | 05cfaf212de31fc2d8fac7f61b07b5e97592a8e4949897646e3931bdc59185a3

Download | Favorite | View

Mandriva Linux Security Advisory 2014-010

Posted Jan 17, 2014

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-010 - Multiple vulnerabilities has been discovered and corrected in memcached. The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr. memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials. Various other issues have also been addressed.

tags | advisory, remote, denial of service, vulnerability

systems | linux, mandriva

advisories | CVE-2013-0179, CVE-2013-7239, CVE-2013-7290, CVE-2013-7291

SHA-256 | 56e23873dfb9810e91b41765d15d9e18cafd0f9578ff6c5806a952a61bf20fc8

Download | Favorite | View

Ubuntu Security Notice USN-2080-1

Posted Jan 13, 2014

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2080-1 - Stefan Bucur discovered that Memcached incorrectly handled certain large body lengths. A remote attacker could use this issue to cause Memcached to crash, resulting in a denial of service. Jeremy Sowden discovered that Memcached incorrectly handled logging certain details when the -vv option was used. An attacker could use this issue to cause Memcached to crash, resulting in a denial of service. It was discovered that Memcached incorrectly handled SASL authentication. A remote attacker could use this issue to bypass SASL authentication completely. This issue only affected Ubuntu 12.10, Ubuntu 13.04 and Ubuntu 13.10. Various other issues were also addressed.

tags | advisory, remote, denial of service

systems | linux, ubuntu

advisories | CVE-2011-4971, CVE-2013-0179, CVE-2013-7239, CVE-2011-4971, CVE-2013-0179, CVE-2013-7239

SHA-256 | 10e572ff8359631dd0ec75ed8707fbadc90cec0717a2e3312c268f06bb58708a

Download | Favorite | View

Debian Security Advisory 2832-1

Posted Jan 3, 2014

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2832-1 - Multiple vulnerabilities have been found in memcached, a high-performance memory object caching system.

tags | advisory, vulnerability

systems | linux, debian

advisories | CVE-2011-4971, CVE-2013-7239

SHA-256 | 98a5876a2d1f333b54eaa35f7926c9fa30ea9a6e1633066ea113d3cb3e31e58c

Download | Favorite | View