SuseSUSE-SU-2018:0807-1

HistoryMar 26, 2018 - 3:09 p.m.

Security update for memcached (important)

2018-03-2615:09:40

lists.opensuse.org

461

0.903 High

EPSS

Percentile

98.5%

JSON

This update for memcached fixes the following issues:

Security issues fixed:

CVE-2011-4971: remote DoS (bsc#817781).
CVE-2013-0179: DoS when printing out keys to be deleted in verbose mode
(bsc#798458).
CVE-2013-7239: SASL authentication allows wrong credentials to access
memcache (bsc#857188).
CVE-2013-7290: remote DoS (segmentation fault) via a request to delete a
key (bsc#858677).
CVE-2013-7291: remote DoS (crash) via a request that triggers "unbounded
key print" (bsc#858676).
CVE-2016-8704: Server append/prepend remote code execution (bsc#1007871).
CVE-2016-8705: Server update remote code execution (bsc#1007870).
CVE-2016-8706: Server ASL authentication remote code execution
(bsc#1007869).
CVE-2017-9951: Heap-based buffer over-read in try_read_command function
(incomplete fix for CVE-2016-8705) (bsc#1056865).

OSVersionArchitecturePackageVersionFilename
SUSE OpenStack Cloud6x86_64memcached< 1.4.39-3.3.1memcached-1.4.39-3.3.1.x86_64.rpm
SUSE OpenStack Cloud6x86_64memcached-debugsource< 1.4.39-3.3.1memcached-debugsource-1.4.39-3.3.1.x86_64.rpm
SUSE OpenStack Cloud6x86_64memcached-debuginfo< 1.4.39-3.3.1memcached-debuginfo-1.4.39-3.3.1.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
SUSE OpenStack Cloud	6	x86_64	memcached	< 1.4.39-3.3.1	memcached-1.4.39-3.3.1.x86_64.rpm
SUSE OpenStack Cloud	6	x86_64	memcached-debugsource	< 1.4.39-3.3.1	memcached-debugsource-1.4.39-3.3.1.x86_64.rpm
SUSE OpenStack Cloud	6	x86_64	memcached-debuginfo	< 1.4.39-3.3.1	memcached-debuginfo-1.4.39-3.3.1.x86_64.rpm

References

bugzilla.suse.com/1007869

bugzilla.suse.com/1007870

bugzilla.suse.com/1007871

bugzilla.suse.com/1056865

bugzilla.suse.com/798458

bugzilla.suse.com/817781

bugzilla.suse.com/857188

bugzilla.suse.com/858676

bugzilla.suse.com/858677

suse 3

nessus 44

openvas 41

securityvulns 5

debian 8

oraclelinux 2

osv 8

mageia 4

fedora 7

gentoo 2

archlinux 1

debiancve 9

freebsd 1

ubuntucve 9

thn 2

ibm 3

ubuntu 2

redhat 3

amazon 1

prion 10

cve 10

altlinux 1

packetstorm 1

centos 2

talosblog 1

veracode 4

alpinelinux 4

redhatcve 4

rosalinux 1

checkpoint_advisories 3

talos 3

suse

Security update for memcached (important)

2018-03-22 17:27:53

Security update for memcached (important)

2018-03-30 15:08:08

Security update for memcached (important)

2018-03-29 12:13:00

nessus

openSUSE Security Update : memcached (openSUSE-SU-2014:0867-1)

2014-07-04 00:00:00

EulerOS Virtualization 3.0.1.0 : memcached (EulerOS-SA-2019-1435)

2019-05-14 00:00:00

Debian DLA-701-1 : memcached security update

2016-11-07 00:00:00

openvas

Huawei EulerOS: Security Advisory for memcached (EulerOS-SA-2019-1435)

2020-01-23 00:00:00

Mageia: Security Advisory (MGASA-2014-0018)

2022-01-28 00:00:00

Fedora Update for memcached FEDORA-2014-0926

2014-02-03 00:00:00

securityvulns

[ MDVSA-2014:010 ] memcached

2014-01-29 00:00:00

memcached multiple security vulnerabilities

2014-01-29 00:00:00

[SECURITY] [DSA 2832-1] memcached security update

2014-01-08 00:00:00

debian

[SECURITY] [DLA 701-1] memcached security update

2016-11-05 14:57:27

[SECURITY] [DSA 3704-1] memcached security update

2016-11-03 16:24:14

[SECURITY] [DSA 2832-1] memcached security update

2014-01-01 11:17:45

oraclelinux

memcached security update

2016-11-23 00:00:00

memcached security update

2016-11-23 00:00:00

osv

memcached - security update

2016-11-05 00:00:00

memcached - security update

2016-11-03 00:00:00

memcached - several

2014-01-01 00:00:00

mageia

Updated memcached package fixes multiple security vulnerabilities

2014-01-21 20:14:47

Updated memcached packages fix security vulnerability

2016-11-17 19:37:05

Updated memcached packages fix CVE-2011-4971

2013-11-22 22:40:36

fedora

[SECURITY] Fedora 20 Update: memcached-1.4.17-1.fc20

2014-02-03 02:42:54

[SECURITY] Fedora 19 Update: memcached-1.4.17-1.fc19

2014-02-03 02:49:19

[SECURITY] Fedora 23 Update: memcached-1.4.17-5.fc23

2016-11-14 23:52:16

gentoo

memcached: Multiple vulnerabilities

2014-06-15 00:00:00

memcached: Multiple vulnerabilities

2017-01-02 00:00:00

archlinux

[ASA-201611-1] memcached: arbitrary code execution

2016-11-01 00:00:00

debiancve

CVE-2013-7291

2014-01-13 21:55:00

CVE-2017-9951

2017-07-17 13:18:00

CVE-2013-7290

2014-01-13 21:55:00

freebsd

memcached -- multiple vulnerabilities

2016-10-31 00:00:00

ubuntucve

CVE-2013-0179

2013-01-15 00:00:00

CVE-2013-7291

2013-01-15 00:00:00

CVE-2017-9951

2017-07-17 00:00:00

thn

Multiple Critical Remotely Exploitable Flaws Discovered in Memcached Caching System

2016-11-01 23:21:00

Over 70,000 Memcached Servers Still Vulnerable to Remote Hacking

2017-07-18 04:52:00

ibm

Security Bulletin: Vulnerabilities in Memcached affect IBM Tealeaf Customer Experience and IBM Tealeaf Customer Experience on Cloud Network Capture Add-On

2018-06-16 20:07:47

Security Bulletin: Vulnerability in memcached affects SmartCloud Entry (CVE-2016-8704, CVE-2016-8705)

2020-07-19 00:49:12

Security Bulletin: Multiple vulnerabilities in PHP and memcached libraries affect IBM Tealeaf Customer Experience

2018-06-16 20:03:30

ubuntu

Memcached vulnerabilities

2016-11-02 00:00:00

Memcached vulnerabilities

2014-01-13 00:00:00

redhat

(RHSA-2016:2819) Important: memcached security update

2016-11-23 04:43:57

(RHSA-2016:2820) Important: memcached security update

2016-11-23 04:44:15

(RHSA-2017:0059) Moderate: Red Hat Mobile Application Platform 4.2.1 Security Update - SDKs and RPMs

2017-01-11 16:26:55

amazon

Important: memcached

2016-11-10 18:00:00

prion

Design/Logic Flaw

2014-01-13 21:55:00

Heap overflow

2017-07-17 13:18:00

Design/Logic Flaw

2014-01-13 21:55:00

cve

CVE-2013-7291

2014-01-13 21:55:00

CVE-2017-9951

2017-07-17 13:18:00

CVE-2013-7290

2014-01-13 21:55:00

altlinux

Security fix for the ALT Linux 8 package memcached version 1.4.33-alt1

2016-11-02 00:00:00

packetstorm

Memcached 1.4.33 Proof Of Concept

2016-11-03 00:00:00

centos

memcached security update

2016-11-25 16:47:41

memcached security update

2016-11-28 22:32:14

talosblog

Memcached - A Story of Failed Patching & Vulnerable Servers

2017-07-17 07:35:00

veracode

Denial Of Service (DoS)

2020-05-10 23:24:29

Remote Code Execution (RCE)

2019-05-02 06:07:42

Denial Of Service

2019-01-15 09:14:52

alpinelinux

CVE-2017-9951

2017-07-17 13:18:00

CVE-2016-8706

2017-01-06 21:59:00

CVE-2016-8705

2017-01-06 21:59:00

redhatcve

CVE-2017-9951

2017-07-17 20:18:35

CVE-2016-8705

2017-01-11 19:17:30

CVE-2016-8706

2016-11-01 09:47:30

rosalinux

Advisory ROSA-SA-2021-1917

2021-07-02 17:28:39

checkpoint_advisories

Memcached process_bin_sasl_auth Integer Underflow (CVE-2016-8706)

2016-12-08 00:00:00

Memcached process_bin_update body_len Integer Overflow (CVE-2016-8705)

2016-11-29 00:00:00

Memcached process_bin_append_prepend Integer Overflow (CVE-2016-8704)

2016-12-07 00:00:00

talos

Memcached Server SASL Autentication Remote Code Execution Vulnerability

2016-10-31 00:00:00

Memcached Server Update Remote Code Execution Vulnerability

2016-10-31 00:00:00

Memcached Server Append/Prepend Remote Code Execution Vulnerability

2016-10-31 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

Security update for memcached (important)

References

Related