Lucene search

K
ubuntucveUbuntu.comUB:CVE-2013-7239
HistoryJan 01, 2014 - 12:00 a.m.

CVE-2013-7239

2014-01-0100:00:00
ubuntu.com
ubuntu.com
17

CVSS2

4.8

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:P/A:N

EPSS

0.016

Percentile

87.3%

memcached before 1.4.17 allows remote attackers to bypass authentication by
sending an invalid request with SASL credentials, then sending another
request with incorrect SASL credentials.

Bugs

Notes

Author Note
mdeslaur precise isn’t built with sasl support
OSVersionArchitecturePackageVersionFilename
ubuntu12.10noarchmemcached< 1.4.14-0ubuntu1.12.10.1UNKNOWN
ubuntu13.04noarchmemcached< 1.4.14-0ubuntu1.13.04.1UNKNOWN
ubuntu13.10noarchmemcached< 1.4.14-0ubuntu4.1UNKNOWN

CVSS2

4.8

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:P/A:N

EPSS

0.016

Percentile

87.3%