CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 1CVE-2013-7291 – Gentoo Linux Security Advisory 201406-13
https://notcve.org/view.php?id=CVE-2013-7291
13 Jan 2014 — memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a request that triggers an "unbounded key print" during logging, related to an issue that was "quickly grepped out of the source tree," a different vulnerability than CVE-2013-0179 and CVE-2013-7290. memcached anterior a la versión 1.4.17, cuando se ejecuta en modo verboso, permite a atacantes remotos provocar una denegación de servicio (caída) a través de una petición que desencadena una ... • http://www.securityfocus.com/bid/64989 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 13EXPL: 1CVE-2013-0179 – Gentoo Linux Security Advisory 201406-13
https://notcve.org/view.php?id=CVE-2013-0179
13 Jan 2014 — The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr. La función process_bin_delete en memcached.c de memcached 1.4.4 y otras versiones anteriores a 1.4.17, cuando se ejecutan en modo verboso, permite a ata... • http://secunia.com/advisories/56183 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 17EXPL: 0CVE-2013-7239 – Gentoo Linux Security Advisory 201406-13
https://notcve.org/view.php?id=CVE-2013-7239
03 Jan 2014 — memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials. memcached anterior 1.4.17 permite a atacantes remotos evadir la autenticación mediante el envío de una petición inválida con credenciales SASL, luego enviar otra petición con credenciales SASL incorrectas. Stefan Bucur discovered that Memcached incorrectly handled certain large body lengths. A remote attacker could use thi... • http://seclists.org/oss-sec/2013/q4/572 • CWE-287: Improper Authentication •