Download
| Alert*
oval:org.secpod.oval:def:1800173
The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because o ... oval:org.secpod.oval:def:1800277 The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because o ... oval:org.secpod.oval:def:89002567 This update for memcached fixes the following issues: - CVE-2017-9951: Fixed heap-based buffer over-read in try_read_command function which allowed remote attackers to cause a denial of service attack . oval:org.secpod.oval:def:2103870 Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources ... oval:org.secpod.oval:def:2103745 Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution. oval:org.secpod.oval:def:113453 memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. oval:org.secpod.oval:def:113465 memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. oval:org.secpod.oval:def:1800427 The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because o ... oval:org.secpod.oval:def:603418 Several vulnerabilities were discovered in memcached, a high-performance memory object caching system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2017-9951 Daniel Shapira reported a heap-based buffer over-read in memcached triggered by specially crafted ... oval:org.secpod.oval:def:704001 memcached: high-performance memory object caching system Several security issues were fixed in Memcached. oval:org.secpod.oval:def:53344 Several vulnerabilities were discovered in memcached, a high-performance memory object caching system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2017-9951 Daniel Shapira reported a heap-based buffer over-read in memcached triggered by specially crafted ... oval:org.secpod.oval:def:114292 memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. oval:org.secpod.oval:def:52004 memcached: high-performance memory object caching system Several security issues were fixed in Memcached. |