ELSA-2016-2819 -- Oracle memcachedID: oval:org.secpod.oval:def:1501682 | Date: (C)2016-11-25 (M)2023-12-20 |
Class: PATCH | Family: unix |
memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Security Fix: * Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. * An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached"s parsing of SASL authentication messages. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code