Download
| Alert*
|
oval:org.secpod.oval:def:1600849
It was discovered that the memcached daemon listened on UDP port 11211 by default. An attacker could use memcached for UDP amplification denial-of-service attacks. The UDP port has been disabled by default, but can still be enabled. oval:org.secpod.oval:def:1800992 Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume vulnerability in the UDP support of the memcached server that can result in denial of service via network flood . This attack appear to be exploitable via network connectivity to port 11211 UDP. Fixed In Version:&par ... oval:org.secpod.oval:def:1800996 Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume vulnerability in the UDP support of the memcached server that can result in denial of service via network flood . This attack appear to be exploitable via network connectivity to port 11211 UDP. Fixed In Version:&par ... oval:org.secpod.oval:def:1800997 Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume vulnerability in the UDP support of the memcached server that can result in denial of service via network flood . This attack appear to be exploitable via network connectivity to port 11211 UDP. Fixed In Version:&par ... oval:org.secpod.oval:def:89002194 This update for memcached fixes the following issues: - CVE-2018-1000115: Insufficient Control of Network Message Volume vulnerability in the UDP support of the memcached server could result in denial of service via network flood . - Home directory shouldn"t be world readable bsc#1077718 oval:org.secpod.oval:def:2103870 Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources ... oval:org.secpod.oval:def:114327 memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. oval:org.secpod.oval:def:704001 memcached: high-performance memory object caching system Several security issues were fixed in Memcached. oval:org.secpod.oval:def:52004 memcached: high-performance memory object caching system Several security issues were fixed in Memcached. oval:org.secpod.oval:def:1700013 It was discovered that the memcached daemon listened on UDP port 11211 by default. An attacker could use memcached for UDP amplification denial-of-service attacks. The UDP port has been disabled by default, but can still be enabled. oval:org.secpod.oval:def:603418 Several vulnerabilities were discovered in memcached, a high-performance memory object caching system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2017-9951 Daniel Shapira reported a heap-based buffer over-read in memcached triggered by specially crafted ... oval:org.secpod.oval:def:53344 Several vulnerabilities were discovered in memcached, a high-performance memory object caching system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2017-9951 Daniel Shapira reported a heap-based buffer over-read in memcached triggered by specially crafted ... oval:org.secpod.oval:def:114292 memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. |
