Page 3 of 24 results (0.007 seconds)

CVSS: 7.5EPSS: 96%CPEs: 11EXPL: 2

CVE-2018-1000115 – Memcached 1.5.5 - 'Memcrashed' Insufficient Control Network Message Volume Denial of Service

https://notcve.org/view.php?id=CVE-2018-1000115

Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default. Memcached 1.5.5 contiene una vulnerabilidad de control insuficiente de volumen de mensaje de red (amplificación de red, CWE-406) en el soporte UDP del servidor memcached que puede resultar en una denegación de servicio (DoS) mediante una inundación de red (fuentes fiables reportan una amplificación de tráfico de 1:50.000). Este ataque parece ser explotable mediante conectividad de red en el puerto UDP 11211. • https://www.exploit-db.com/exploits/44264 https://www.exploit-db.com/exploits/44265 https://access.redhat.com/errata/RHBA-2018:2140 https://access.redhat.com/errata/RHSA-2018:1593 https://access.redhat.com/errata/RHSA-2018:1627 https://access.redhat.com/errata/RHSA-2018:2331 https://access.redhat.com/errata/RHSA-2018:2857 https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974 https:/ • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1

CVE-2017-9951

https://notcve.org/view.php?id=CVE-2017-9951

The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8705. La función try_read_command en el archivo memcached.c en memcached anterior a versión 1.4.39, permite a los atacantes remotos causar una denegación de servicio (fallo de segmentación) por medio de una petición para agregar y configurar una clave, lo que hace una comparación entre un int firmado y sin firmar y activa una lectura excesiva del búfer en la región heap de la memoria. NOTA: esta vulnerabilidad existe debido a una solución incompleta para el CVE-2016-8705. • http://www.securityfocus.com/bid/99874 https://github.com/memcached/memcached/wiki/ReleaseNotes1439 https://groups.google.com/forum/message/raw?msg=memcached/ubGWrkmrr4E/nrm1SeVJAQAJ https://usn.ubuntu.com/3588-1 https://www.debian.org/security/2018/dsa-4218 https://www.twistlock.com/2017/07/13/cve-2017-9951-heap-overflow-memcached-server-1-4-38-twistlock-vulnerability-report •

CVSS: 9.8EPSS: 86%CPEs: 1EXPL: 1

CVE-2016-8704 – memcached: Server append/prepend remote code execution

https://notcve.org/view.php?id=CVE-2016-8704

An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution. Un desbordamiento de entero en la función process_bin_update en Memcached, que es responsable de procesar múltiples comandos de protocolo binario Memcached, puede ser abusado para provocar desbordamiento en la memoria dinámica y conducir a la ejecución remota de código. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. • http://rhn.redhat.com/errata/RHSA-2016-2819.html http://rhn.redhat.com/errata/RHSA-2016-2820.html http://www.debian.org/security/2016/dsa-3704 http://www.securityfocus.com/bid/94083 http://www.securitytracker.com/id/1037333 http://www.talosintelligence.com/reports/TALOS-2016-0219 https://access.redhat.com/errata/RHSA-2017:0059 https://security.gentoo.org/glsa/201701-12 https://access.redhat.com/security/cve/CVE-2016-8704 https://bugzilla.redhat.com/show_bug.cgi?id • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •

CVSS: 9.8EPSS: 86%CPEs: 1EXPL: 1

CVE-2016-8705 – memcached: Server update remote code execution

https://notcve.org/view.php?id=CVE-2016-8705

Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution. Múltiples desbordamientos de entero en la función process_bin_update en Memcached, que es responsable de procesar múltiples comandos de protocolo binario Memcached, puede ser abusado para provocar desbordamiento en la memoria dinámica y conducir a la ejecución remota de código. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. • http://rhn.redhat.com/errata/RHSA-2016-2819.html http://rhn.redhat.com/errata/RHSA-2016-2820.html http://www.debian.org/security/2016/dsa-3704 http://www.securityfocus.com/bid/94083 http://www.securitytracker.com/id/1037333 http://www.talosintelligence.com/reports/TALOS-2016-0220 https://access.redhat.com/errata/RHSA-2017:0059 https://security.gentoo.org/glsa/201701-12 https://access.redhat.com/security/cve/CVE-2016-8705 https://bugzilla.redhat.com/show_bug.cgi?id • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •

CVSS: 8.1EPSS: 88%CPEs: 1EXPL: 1

CVE-2016-8706 – memcached: SASL authentication remote code execution

https://notcve.org/view.php?id=CVE-2016-8706

An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution. Desbordamiento de entero en la función process_bin_sasl_auth en Memcached, que es es responsable de autenticar los comandos del código binario Memcached, puede ser abusado para provocar desbordamiento en la memoria dinámica y conducir a la ejecución remota de código. An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached's parsing of SASL authentication messages. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. • http://rhn.redhat.com/errata/RHSA-2016-2819.html http://www.debian.org/security/2016/dsa-3704 http://www.securityfocus.com/bid/94083 http://www.securitytracker.com/id/1037333 http://www.talosintelligence.com/reports/TALOS-2016-0221 https://security.gentoo.org/glsa/201701-12 https://access.redhat.com/security/cve/CVE-2016-8706 https://bugzilla.redhat.com/show_bug.cgi?id=1390512 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •