4 matches found
CVE-2010-1152
Memcached prior to version 1.4.3 is affected by CVE-2010-1152. A remote attacker can trigger denial of service by sending a long line that causes excessive memory allocation, potentially hanging or crashing the memcached daemon. Open-source advisories (SUSE/OpenVAS entries) consistently describe ...
CVE-2009-2415
CVE-2009-2415 affects memcached 1.1.12 and 1.2.2, with heap-based buffer overflows caused by integer-conversion errors when parsing length attributes. Remote code execution and authentication bypass (SASL-related state issue) are described in connected advisories. Remediation generally involves u...
CVE-2009-1255
CVE-2009-1255 affects Memcached (before 1.2.8) and MemcacheDB 1.2.0, disclosing the contents of /proc/self/maps via a stats maps command and memory-allocation statistics via a stats malloc command. This enables remote attackers to obtain memory-region addresses and other sensitive information, un...
CVE-2009-1494
The CVE-2009-1494 issue affects Memcached 1.2.8 where the process_stat function discloses memory-allocation statistics in response to a stats malloc command. This enables remote attackers to obtain potentially sensitive information by sending the stats malloc command to the daemon’s TCP port. The...