Lucene search

[email protected]CVE-2009-2415

HistoryAug 10, 2009 - 6:30 p.m.

CVE-2009-2415

2009-08-1018:30:00

CWE-189

[email protected]

web.nvd.nist.gov

cve-2009-2415

memcached

integer overflow

remote code execution

nvd

7.5 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.147 Low

EPSS

Percentile

95.7%

JSON

Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows.

CPENameOperatorVersion
memcachedb:memcachedmemcachedb memcachedeq1.2.2
memcachedb:memcachedmemcachedb memcachedeq1.1.12

CPE	Name	Operator	Version
memcachedb:memcached	memcachedb memcached	eq	1.2.2
memcachedb:memcached	memcachedb memcached	eq	1.1.12

References

osvdb.org/56906

secunia.com/advisories/36133

secunia.com/advisories/37729

security.debian.org/pool/updates/main/m/memcached/memcached_1.1.12-1+etch1.diff.gz

security.debian.org/pool/updates/main/m/memcached/memcached_1.2.2-1+lenny1.diff.gz

www.debian.org/security/2009/dsa-1853

www.securityfocus.com/bid/35989

www.redhat.com/archives/fedora-package-announce/2009-December/msg00836.html

7.5 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.147 Low

EPSS

Percentile

95.7%

JSON

Related for CVE-2009-2415

nessus7 openvas11 securityvulns2 debiancve1 seebug1 debian1 redhatcve1 prion1 ubuntucve1 fedora1 gentoo1