- Home
- CVEs with nessus.description==Several vulnerabilities were discovered in memcached, a
high-performance memory object caching system. The Common
Vulnerabilities and Exposures project identifies the following
problems :
- CVE-2017-9951
Daniel Shapira reported a heap-based buffer over-read in
memcached (resulting from an incomplete fix for
CVE-2016-8705 ) triggered by specially crafted requests
to add/set a key and allowing a remote attacker to cause
a denial of service.
- CVE-2018-1000115
It was reported that memcached listens to UDP by
default. A remote attacker can take advantage of it to
use the memcached service as a DDoS amplifier.
Default installations of memcached in Debian are not affected by
this issue as the installation defaults to listen only on localhost.
This update disables the UDP port by default. Listening on the UDP
can be re-enabled in the /etc/memcached.conf (cf.
/usr/share/doc/memcached/NEWS.Debian.gz).
- CVE-2018-1000127
An integer overflow was reported in memcached, resulting
in resource leaks, data corruption, deadlocks or
crashes
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top