CESA-2016:2819 -- centos 7 memcachedID: oval:org.secpod.oval:def:204162 | Date: (C)2017-03-03 (M)2022-10-10 |
Class: PATCH | Family: unix |
memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Security Fix: * Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. * An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached"s parsing of SASL authentication messages. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code