VYPR

rpm package

suse/memcached&distro=SUSE Studio Onsite 1.3

pkg:rpm/suse/memcached&distro=SUSE%20Studio%20Onsite%201.3

Vulnerabilities (3)

  • CVE-2018-1000115HigMar 5, 2018
    affected < 1.2.6-5.17.3.1fixed 1.2.6-5.17.3.1

    Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported

  • CVE-2017-9951HigJul 17, 2017
    affected < 1.2.6-5.17.4.1fixed 1.2.6-5.17.4.1

    The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. N

  • CVE-2016-8705CriJan 6, 2017
    affected < 1.2.6-5.17.4.1fixed 1.2.6-5.17.4.1

    Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.