121 matches found
memcached: memcached: Username enumeration via timing side channel
A flaw was found in memcached. A remote attacker can exploit a timing side channel during Simple Authentication and Security Layer SASL password database authentication. This vulnerability allows an attacker to observe subtle timing differences, which could be used to enumerate valid usernames...
memcached: memcached: Username enumeration via timing side channel
A flaw was found in memcached. A remote attacker can exploit a timing side channel during Simple Authentication and Security Layer SASL password database authentication. This vulnerability allows an attacker to observe subtle timing differences, which could be used to enumerate valid usernames...
Updated memcached packages fix security vulnerabilities
CVE-2026-47784 In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by saslserveruserdbcheckpass. CVE-2026-47783 In memcached before 1.6.42, username data for SASL password database authentication has a timing side...
Security update for memcached
This update for memcached fixes the following issues CVE-2026-47783: timing side-channel in SASL password database authentication username bsc1265873. CVE-2026-47784: timing side-channel in SASL password database authentication password bsc1265881. Patch Instructions: To install this SUSE update...
EulerOS Virtualization 2.13.1 : util-linux (EulerOS-SA-2026-2153)
According to the versions of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifical...
CVE-2026-47783
A flaw was found in memcached. A remote attacker can exploit a timing side channel during Simple Authentication and Security Layer SASL password database authentication. This vulnerability allows an attacker to observe subtle timing differences, which could be used to enumerate valid usernames...
BIT-MEMCACHED-2026-47783
In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by saslserveruserdbcheckpass...
In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by sasl_server_userdb_checkpass.
...
SUSE CVE-2026-47784
In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by saslserveruserdbcheckpass...
CVE-2026-47784
In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by saslserveruserdbcheckpass...
CVE-2026-47784
In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by saslserveruserdbcheckpass...
CVE-2026-47784
In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by saslserveruserdbcheckpass...
CVE-2026-47784
The CVE concerns memcached prior to 1.6.42, where SASL password data used for authentication is exposed to a timing side-channel via memcmp in sasl_server_userdb_checkpass. Affected versions are before 1.6.42; upgrading to 1.6.42 or later is the supported remediation per the release notes. The vu...
CVE-2026-47784
In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by saslserveruserdbcheckpass...
CVE-2026-47783
In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by saslserveruserdbcheckpass...
CVE-2026-47783
In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by saslserveruserdbcheckpass...
CVE-2026-47783
Memcached prior to version 1.6.42 is affected by a timing side-channel in SASL password database authentication: the loop in sasl_server_userdb_checkpass exits as soon as a valid username is found, leaking information. The issue is documented in the 1.6.42 release notes/commit references. This vu...
CVE-2026-47783
In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by saslserveruserdbcheckpass...
CVE-2026-47783
In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by saslserveruserdbcheckpass...
PT-2026-42109
Name of the Vulnerable Software and Affected Versions memcached versions prior to 1.6.42 Description Username data for SASL password database authentication contains a timing side channel. This occurs because the sasl server userdb checkpass function utilizes a loop that terminates immediately up...