Lucene search

K
ubuntuUbuntuUSN-2080-1
HistoryJan 13, 2014 - 12:00 a.m.

Memcached vulnerabilities

2014-01-1300:00:00
ubuntu.com
27

9.8 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.066 Low

EPSS

Percentile

93.7%

Releases

  • Ubuntu 13.10
  • Ubuntu 13.04
  • Ubuntu 12.10
  • Ubuntu 12.04

Packages

  • memcached - A high-performance memory object caching system

Details

Stefan Bucur discovered that Memcached incorrectly handled certain large
body lengths. A remote attacker could use this issue to cause Memcached to
crash, resulting in a denial of service. (CVE-2011-4971)

Jeremy Sowden discovered that Memcached incorrectly handled logging certain
details when the -vv option was used. An attacker could use this issue to
cause Memcached to crash, resulting in a denial of service. (CVE-2013-0179)

It was discovered that Memcached incorrectly handled SASL authentication.
A remote attacker could use this issue to bypass SASL authentication
completely. This issue only affected Ubuntu 12.10, Ubuntu 13.04 and Ubuntu
13.10. (CVE-2013-7239)

OSVersionArchitecturePackageVersionFilename
Ubuntu13.10noarchmemcached< 1.4.14-0ubuntu4.1UNKNOWN
Ubuntu13.04noarchmemcached< 1.4.14-0ubuntu1.13.04.1UNKNOWN
Ubuntu12.10noarchmemcached< 1.4.14-0ubuntu1.12.10.1UNKNOWN
Ubuntu12.04noarchmemcached< 1.4.13-0ubuntu2.1UNKNOWN

9.8 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.066 Low

EPSS

Percentile

93.7%