memcached -- memcached stats maps Information Disclosure Weakness

ID 86ADA694-8B30-11DE-B9D0-000C6E274733
Type freebsd
Reporter FreeBSD
Modified 2009-04-29T00:00:00


Secunia reports:

A weakness has been reported in memcached, which can be exploited by malicious people to disclose system information. The weakness is caused due to the application disclosing the content of /proc/self/maps if a stats maps command is received. This can be exploited to disclose e.g. the addresses of allocated memory regions.