memcached

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Distributed memory object caching system
Version 1.6.21-2 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-941 1.5.5-1 1.5.6-1 High Fixed
AVG-55 1.4.31-1 1.4.32-1 Critical Fixed
Issue Group Severity Remote Type Description
CVE-2018-1000115 AVG-941 High Yes Insufficient validation
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the...
CVE-2016-8706 AVG-55 Critical Yes Arbitrary code execution
An integer overflow in process_bin_sasl_auth function which is responsible for authentication commands of Memcached binary protocol can be abused to cause...
CVE-2016-8705 AVG-55 Critical Yes Arbitrary code execution
Multiple integer overflows in process_bin_update function which is responsible for processing multiple commands of Memcached binary protocol can be abused...
CVE-2016-8704 AVG-55 Critical Yes Arbitrary code execution
An integer overflow in the process_bin_append_prepend function which is responsible for processing multiple commands of Memcached binary protocol can be...

Advisories

Date Advisory Group Severity Type
01 Nov 2016 ASA-201611-1 AVG-55 Critical arbitrary code execution