Lucene search
HistoryDec 12, 2013 - 6:55 p.m.
CVE-2011-4971
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
7.3
Confidence
High
EPSS
0.077
Percentile
94.3%
Multiple integer signedness errors in the (1) process_bin_sasl_auth, (2) process_bin_complete_sasl_auth, (3) process_bin_update, and (4) process_bin_append_prepend functions in Memcached 1.4.5 and earlier allow remote attackers to cause a denial of service (crash) via a large body length value in a packet.
Affected configurations
Node
memcachedmemcachedRange≤1.4.5
ORmemcachedmemcachedMatch1.2.7
ORmemcachedmemcachedMatch1.2.8
ORmemcachedmemcachedMatch1.4.0
ORmemcachedmemcachedMatch1.4.1
ORmemcachedmemcachedMatch1.4.2
ORmemcachedmemcachedMatch1.4.3
ORmemcachedmemcachedMatch1.4.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| memcached | memcached | * | cpe:2.3:a:memcached:memcached:*:*:*:*:*:*:*:* |
| memcached | memcached | 1.2.7 | cpe:2.3:a:memcached:memcached:1.2.7:*:*:*:*:*:*:* |
| memcached | memcached | 1.2.8 | cpe:2.3:a:memcached:memcached:1.2.8:*:*:*:*:*:*:* |
| memcached | memcached | 1.4.0 | cpe:2.3:a:memcached:memcached:1.4.0:*:*:*:*:*:*:* |
| memcached | memcached | 1.4.1 | cpe:2.3:a:memcached:memcached:1.4.1:*:*:*:*:*:*:* |
| memcached | memcached | 1.4.2 | cpe:2.3:a:memcached:memcached:1.4.2:*:*:*:*:*:*:* |
| memcached | memcached | 1.4.3 | cpe:2.3:a:memcached:memcached:1.4.3:*:*:*:*:*:*:* |
| memcached | memcached | 1.4.4 | cpe:2.3:a:memcached:memcached:1.4.4:*:*:*:*:*:*:* |
Related
securityvulns
securityvulns
[ MDVSA-2013:280 ] memcached
2013-11-26 00:00:00
memcached DoS
2013-11-26 00:00:00
[SECURITY] [DSA 2832-1] memcached security update
2014-01-08 00:00:00
cvelist
cvelist
CVE-2011-4971
2013-12-12 18:00:00
openvas
openvas
Memcached < 1.4.17 Remote DoS Vulnerability
2013-04-30 00:00:00
Mageia: Security Advisory (MGASA-2013-0339)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-2080-1)
2014-01-20 00:00:00
ubuntucve
ubuntucve
CVE-2011-4971
2013-12-12 00:00:00
packetstorm
packetstorm
Memcached Remote Denial of Service
2024-08-31 00:00:00
debiancve
debiancve
CVE-2011-4971
2013-12-12 18:55:03
cve
cve
CVE-2011-4971
2013-12-12 18:55:03
CVE-2013-2026
2013-09-26 14:16:22
prion
prion
Integer overflow
2013-12-12 18:55:00
Design/Logic Flaw
2013-09-26 14:16:00
metasploit
metasploit
Memcached Remote Denial of Service
2013-04-30 14:45:09
nessus
nessus
Mandriva Linux Security Advisory : memcached (MDVSA-2013:280)
2013-11-25 00:00:00
Debian DSA-2832-1 : memcached - several vulnerabilities
2014-01-02 00:00:00
mageia
mageia
Updated memcached packages fix CVE-2011-4971
2013-11-22 22:40:36
nvd
nvd
CVE-2013-2026
2013-09-26 14:16:22
osv
osv
memcached - several
2014-01-01 00:00:00
debian
debian
[SECURITY] [DSA 2832-1] memcached security update
2014-01-01 11:17:45
[SECURITY] [DSA 2832-1] memcached security update
2014-01-01 11:17:45
ubuntu
ubuntu
Memcached vulnerabilities
2014-01-13 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: memcached-1.4.17-1.fc20
2014-02-03 02:42:54
[SECURITY] Fedora 19 Update: memcached-1.4.17-1.fc19
2014-02-03 02:49:19
gentoo
gentoo
memcached: Multiple vulnerabilities
2014-06-15 00:00:00
suse
suse
Security update for memcached (important)
2018-03-22 17:27:53
Security update for memcached (important)
2018-03-26 15:09:40
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
7.3
Confidence
High
EPSS
0.077
Percentile
94.3%
Related for NVD:CVE-2011-4971