VYPR

Memcached

by Memcached

Source repositories

CVEs (27)

  • CVE-2013-7291Jan 13, 2014
    risk 0.00cvss epss 0.01

    memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a request that triggers an "unbounded key print" during logging, related to an issue that was "quickly grepped out of the source tree," a different…

  • CVE-2013-7290Jan 13, 2014
    risk 0.00cvss epss 0.01

    The do_item_get function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null…

  • CVE-2013-7239Jan 13, 2014
    risk 0.00cvss epss 0.01

    memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials.

  • CVE-2013-0179Jan 13, 2014
    risk 0.00cvss epss 0.01

    The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a…

  • CVE-2010-1152Apr 12, 2010
    risk 0.00cvss epss 0.10

    memcached.c in memcached before 1.4.3 allows remote attackers to cause a denial of service (daemon hang or crash) via a long line that triggers excessive memory allocation. NOTE: some of these details are obtained from third party information.

  • CVE-2009-1494Apr 30, 2009
    risk 0.00cvss epss 0.01

    The process_stat function in Memcached 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain potentially sensitive information by sending this command to the daemon's TCP port.

  • CVE-2009-1255Apr 30, 2009
    risk 0.00cvss epss 0.02

    The process_stat function in (1) Memcached before 1.2.8 and (2) MemcacheDB 1.2.0 discloses (a) the contents of /proc/self/maps in response to a stats maps command and (b) memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain…

Page 2 of 2