what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2018-1000115

Status Candidate

Overview

Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.

Related Files

Red Hat Security Advisory 2018-2857-01
Posted Oct 2, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2857-01 - memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. instack-undercloud provides a collection of scripts and elements that can be used to install an OpenStack undercloud. openstack-tripleo-heat-templates is a collection of OpenStack Orchestration templates and tools, which can be used to help deploy OpenStack. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2018-1000115
SHA-256 | 20f4e70192199d5b54e327312863c372163f797d9884ecf4f4d69819726d7f94
Red Hat Security Advisory 2018-2331-01
Posted Aug 20, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2331-01 - memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Security fix: memcached: UDP server support allows spoofed traffic amplification DoS For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, udp, spoof
systems | linux, redhat
advisories | CVE-2018-1000115
SHA-256 | d2d6167428370d5bebd267e8017566b4d29f9e6ca8b49d0114b74f234e978434
Debian Security Advisory 4218-1
Posted Jun 6, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4218-1 - Several vulnerabilities were discovered in memcached, a high-performance memory object caching system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2017-9951, CVE-2018-1000115, CVE-2018-1000127
SHA-256 | 31409b050aa16f0027b218848cd4c5b524e8fd540c82f9ca59a6f7c8d2fe7382
Red Hat Security Advisory 2018-1627-01
Posted May 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1627-01 - Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service cloud based on Red Hat OpenStack Platform. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2017-12155, CVE-2018-1000115
SHA-256 | fe790deb0657a9a6ca5ea765e304a72bb87af4df0a07497ccc67685dcced5a6f
Red Hat Security Advisory 2018-1593-01
Posted May 17, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1593-01 - Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service cloud based on Red Hat OpenStack Platform. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2017-12155, CVE-2018-1000115
SHA-256 | 152b29ed1fc7877b224d7421750f311465cf5de3926f88af2eb5b25c7f3447e0
Red Hat Security Advisory 2018-1593-01
Posted May 17, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1593-01 - Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service cloud based on Red Hat OpenStack Platform. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2017-12155, CVE-2018-1000115
SHA-256 | 152b29ed1fc7877b224d7421750f311465cf5de3926f88af2eb5b25c7f3447e0
Ubuntu Security Notice USN-3588-1
Posted Mar 5, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3588-1 - Daniel Shapira discovered an integer overflow issue in Memcached. A remote attacker could use this to cause a denial of service. It was discovered that Memcached listened to UDP by default. A remote attacker could use this as part of a distributed denial of service attack.

tags | advisory, remote, denial of service, overflow, udp
systems | linux, ubuntu
advisories | CVE-2017-9951, CVE-2018-1000115
SHA-256 | e5074075234b29293847972a0ab54458d79197401d9818e6ef4f2af4c3625ac9
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close