Lucene search
Ubuntu.comUB:CVE-2009-1494HistoryApr 30, 2009 - 12:00 a.m.
CVE-2009-1494
2009-04-3000:00:00
ubuntu.com
ubuntu.com
4
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.006 Low
EPSS
Percentile
77.2%
The process_stat function in Memcached 1.2.8 discloses memory-allocation
statistics in response to a stats malloc command, which allows remote
attackers to obtain potentially sensitive information by sending this
command to the daemon’s TCP port.
Bugs
Notes
| Author | Note |
|---|---|
| jdstrand | should not be a real issue before 1.2.8 |
Related
cve
cve
CVE-2009-1494
2009-04-30 20:30:00
debiancve
debiancve
CVE-2009-1494
2009-04-30 20:30:00
prion
prion
Command injection
2009-04-30 20:30:00
nessus
nessus
Mandriva Linux Security Advisory : memcached (MDVSA-2009:105)
2009-05-05 00:00:00
openSUSE 10 Security Update : memcached (memcached-6397)
2009-10-06 00:00:00
openSUSE Security Update : memcached (memcached-1165)
2009-08-11 00:00:00
openvas
openvas
Mandrake Security Advisory MDVSA-2009:105 (memcached)
2009-06-05 00:00:00
Memcached Information Disclosure Vulnerabilities
2009-05-18 00:00:00
Mandrake Security Advisory MDVSA-2009:105 (memcached)
2009-06-05 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.006 Low
EPSS
Percentile
77.2%
Related for UB:CVE-2009-1494