CVSS: 7.5EPSS: 14%CPEs: 21EXPL: 2CVE-2010-1152 – memcached 1.4.2 - Memory Consumption Remote Denial of Service
https://notcve.org/view.php?id=CVE-2010-1152
12 Apr 2010 — memcached.c in memcached before 1.4.3 allows remote attackers to cause a denial of service (daemon hang or crash) via a long line that triggers excessive memory allocation. NOTE: some of these details are obtained from third party information. memcached.c en memcached anterior a v1.4.3 permite a atacantes remotos provocar una denegación de servicio (fallo o bloqueo del demonio) a través de una línea larga que dispara la asignación de memoria excesiva. NOTA: algunos de estos detalles han sido obtenidos de in... • https://www.exploit-db.com/exploits/33850 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 14%CPEs: 2EXPL: 0CVE-2009-2415 – Gentoo Linux Security Advisory 201406-13
https://notcve.org/view.php?id=CVE-2009-2415
10 Aug 2009 — Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows. Múltiples desbordamientos de entero en memcached v1.1.12 y v1.2.2 permiten a atacantes remotos ejecutar código de su elección a través de vectores de ataque que involucran los atributos de longitud que provocan desbordamientos de búfer basados en memoria dinámica. Multiple vulnerabilities have been found in memcached, allo... • http://osvdb.org/56906 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2009-1494
https://notcve.org/view.php?id=CVE-2009-1494
30 Apr 2009 — The process_stat function in Memcached 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain potentially sensitive information by sending this command to the daemon's TCP port. La función process_stat en Memcached v1.2.8 divulga las estadísticas de asignación de memoria en respuesta a un comando stats malloc, lo cual permite a atacantes remotos obtener información potencialmente sensible mediante el envío de este comando al puerto TCP del... • http://code.google.com/p/memcachedb/source/browse/trunk/ChangeLog?spec=svn98&r=98 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 2CVE-2009-1255
https://notcve.org/view.php?id=CVE-2009-1255
30 Apr 2009 — The process_stat function in (1) Memcached before 1.2.8 and (2) MemcacheDB 1.2.0 discloses (a) the contents of /proc/self/maps in response to a stats maps command and (b) memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain sensitive information such as the locations of memory regions, and defeat ASLR protection, by sending a command to the daemon's TCP port. La función process_stat en (1) Memcached antes de v1.2.8 y (2) MemcacheDB v1.2.0 revela (a) el ... • http://archives.neohapsis.com/archives/fulldisclosure/2009-04/0282.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •