ID CVE-2011-4971
Summary Multiple integer signedness errors in the (1) process_bin_sasl_auth, (2) process_bin_complete_sasl_auth, (3) process_bin_update, and (4) process_bin_append_prepend functions in Memcached 1.4.5 and earlier allow remote attackers to cause a denial of service (crash) via a large body length value in a packet.
References
Vulnerable Configurations
  • Memcached 1.2.7
    cpe:2.3:a:memcached:memcached:1.2.7
  • Memcached 1.2.8
    cpe:2.3:a:memcached:memcached:1.2.8
  • Memcached 1.4.0
    cpe:2.3:a:memcached:memcached:1.4.0
  • Memcached 1.4.1
    cpe:2.3:a:memcached:memcached:1.4.1
  • Memcached 1.4.2
    cpe:2.3:a:memcached:memcached:1.4.2
  • Memcached 1.4.3
    cpe:2.3:a:memcached:memcached:1.4.3
  • Memcached 1.4.4
    cpe:2.3:a:memcached:memcached:1.4.4
  • Memcached 1.4.5
    cpe:2.3:a:memcached:memcached:1.4.5
CVSS
Base: 5.0 (as of 13-12-2013 - 10:26)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
metasploit via4
description This module sends a specially-crafted packet to cause a segmentation fault in memcached v1.4.15 or earlier versions.
id MSF:AUXILIARY/DOS/MISC/MEMCACHED
last seen 2019-03-29
modified 2017-07-24
published 2013-04-30
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/misc/memcached.rb
title Memcached Remote Denial of Service
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-0926.NASL
    description This is an update to the latest upstream release. It fixes several security vulnerabilities, possible crashes when the key is printed in verbose mode and crash with specially crafted packet. (CVE-2011-4971, CVE-2013-0179, CVE-2013-7291 CVE-2013-7290) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 72249
    published 2014-02-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72249
    title Fedora 20 : memcached-1.4.17-1.fc20 (2014-0926)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2014-454.NASL
    description memcached was updated to version 1.4.20 to fix five security issues. These security issues were fixed : - DoS when printing out keys to be deleted in verbose mode (CVE-2013-0179) - Remote DoS (crash) via a request that triggers 'unbounded key print' (CVE-2013-7291) - Remote DoS (segmentation fault) via a request to delete a key (CVE-2013-7290) - SASL authentication allows wrong credentials to access memcache (CVE-2013-7239) - Remote DoS (CVE-2011-4971)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 76365
    published 2014-07-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76365
    title openSUSE Security Update : memcached (openSUSE-SU-2014:0867-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-0934.NASL
    description This is an update to the latest upstream release. It fixes several security vulnerabilities, possible crashes when the key is printed in verbose mode and crash with specially crafted packet. (CVE-2011-4971, CVE-2013-0179, CVE-2013-7291 CVE-2013-7290) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 72250
    published 2014-02-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72250
    title Fedora 19 : memcached-1.4.17-1.fc19 (2014-0934)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2013-280.NASL
    description A vulnerability was found and corrected in memcached : Memcached is vulnerable to a denial of service as it can be made to crash when it receives a specially crafted packet over the network (CVE-2011-4971). The updated packages for Enterprise Server 5 has beed patched to resolve this flaw. The updated packages for Business Server 1 has been upgraded to the 1.4.15 version and patched to resolve this flaw.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 71075
    published 2013-11-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71075
    title Mandriva Linux Security Advisory : memcached (MDVSA-2013:280)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201406-13.NASL
    description The remote host is affected by the vulnerability described in GLSA-201406-13 (memcached: Multiple vulnerabilities) memcached authentication could be bypassed when using SASL due to a flaw related to SASL authentication state. Also several heap-based buffer overflows due to integer conversions when parsing certain length attributes were discovered. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition or authenticate with invalid SASL credentials, bypassing memcached authentication completely. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 76064
    published 2014-06-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76064
    title GLSA-201406-13 : memcached: Multiple vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2832.NASL
    description Multiple vulnerabilities have been found in memcached, a high-performance memory object caching system. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2011-4971 Stefan Bucur reported that memcached could be caused to crash by sending a specially crafted packet. - CVE-2013-7239 It was reported that SASL authentication could be bypassed due to a flaw related to the managment of the SASL authentication state. With a specially crafted request, a remote attacker may be able to authenticate with invalid SASL credentials.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 71780
    published 2014-01-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71780
    title Debian DSA-2832-1 : memcached - several vulnerabilities
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2080-1.NASL
    description Stefan Bucur discovered that Memcached incorrectly handled certain large body lengths. A remote attacker could use this issue to cause Memcached to crash, resulting in a denial of service. (CVE-2011-4971) Jeremy Sowden discovered that Memcached incorrectly handled logging certain details when the -vv option was used. An attacker could use this issue to cause Memcached to crash, resulting in a denial of service. (CVE-2013-0179) It was discovered that Memcached incorrectly handled SASL authentication. A remote attacker could use this issue to bypass SASL authentication completely. This issue only affected Ubuntu 12.10, Ubuntu 13.04 and Ubuntu 13.10. (CVE-2013-7239). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 71938
    published 2014-01-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71938
    title Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : memcached vulnerabilities (USN-2080-1)
refmap via4
bid 59567
confirm https://puppet.com/security/cve/cve-2011-4971
debian DSA-2832
mandriva MDVSA-2013:280
misc
secunia 56183
ubuntu USN-2080-1
Last major update 23-01-2014 - 23:23
Published 12-12-2013 - 13:55
Last modified 24-03-2018 - 21:29
Back to Top