45 matches found
[SECURITY] Fedora 43 Update: perl-Sereal-Decoder-5.005-1.fc43
This library implements a deserializer for an efficient, compact-output, and feature-rich binary protocol called Sereal...
[SECURITY] Fedora 44 Update: perl-Sereal-Encoder-5.005-1.fc44
This library implements an efficient, compact-output, and feature-rich serializer using a binary protocol called Sereal...
Exploit for Path Traversal in Jenkins
jenkinsscan Find jenkins environment and checks for CVE-2024-...
MiracleLinux 8 : openssh-8.0p1-19.el8_9.2 (AXSA:2024-7493:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7493:01 advisory. ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795); openssh: potential command injection via shell metacharacters...
BIT-MEMCACHED-2020-10931
Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary protocol header to try_read_command_binary in memcached.c...
GHSA-WQ9X-QWCQ-MMGF Diesel vulnerable to Binary Protocol Misinterpretation caused by Truncating or Overflowing Casts
The following presentation at this year's DEF CON was brought to our attention on the Diesel Gitter Channel: "SQL Injection isn't Dead: Smuggling Queries at the Protocol Level" (archive link for posterity). Essentially, encoding a value larger than 4GiB can cause the length prefix in the protocol to...
GHSA-XMRP-424F-VFPX SQLx Binary Protocol Misinterpretation caused by Truncating or Overflowing Casts
The following presentation at this year's DEF CON was brought to our attention on the SQLx Discord: "SQL Injection isn't Dead: Smuggling Queries at the Protocol Level" (archive link for posterity). Essentially, encoding a value larger than 4GiB can cause the length prefix in the protocol to overflow,...
SQLx Binary Protocol Misinterpretation caused by Truncating or Overflowing Casts
The following presentation at this year's DEF CON was brought to our attention on the SQLx Discord: "SQL Injection isn't Dead: Smuggling Queries at the Protocol Level" (archive link for posterity). Essentially, encoding a value larger than 4GiB can cause the length prefix in the protocol to overflow,...
Binary Protocol Misinterpretation caused by Truncating or Overflowing Casts
The following presentation at this year's DEF CON was brought to our attention on the SQLx Discord: "SQL Injection isn't Dead: Smuggling Queries at the Protocol Level" (archive link for posterity). Essentially, encoding a value larger than 4GiB can cause the length prefix in the protocol to overflow,...
SUSE CVE-2016-8704
An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution...
SUSE CVE-2016-8705
Multiple integer overflows in the process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution...
Memcached buffer overflow vulnerability (CNVD-2020-23209)
Memcached is a high-performance distributed memory object caching system developed by US software developer Brad Fitzpatrick. The system caches data and objects in memory to reduce the number of database reads, thus improving the speed of access to the site...
DEBIAN-CVE-2020-10931
Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary protocol header to try_read_command_binary in memcached.c...
CVE-2020-10931
Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary protocol header to try_read_command_binary in memcached.c...
CVE-2020-10931
CVE-2020-10931 affects Memcached 1.6.x up to, but not including, 1.6.2. The vulnerability is triggered by a crafted binary protocol header in the try_read_command_binary function within memcached.c, allowing remote attackers to cause a denial of service (daemon crash). Multiple connected sources ...
Memcached 1.6.x < 1.6.2 DoS Vulnerability
Memcached is prone to a denial of service (DoS) vulnerability. Copyright (C) 2020 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software;...
PT-2020-12432 · Memcached +1
Name of the Vulnerable Software and Affected Versions: memcached versions 1.6.x before 1.6.2. Description: The issue allows remote attackers to cause a denial of service, resulting in a daemon crash. This is achieved by sending a crafted binary protocol header to the try_read_command_binary functi...