Vulnerabilities > CVE-2016-8705 - Integer Overflow or Wraparound vulnerability in Memcached

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
memcached
CWE-190
critical
nessus

Summary

Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Forced Integer Overflow
    This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.

Nessus

  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201701-12.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201701-12 (memcached: Multiple vulnerabilities) Multiple integer overflow vulnerabilities were discovered in memcached. Please review the CVE identifiers and Cisco TALOS reports referenced below for details. Impact : A remote attacker could abuse memcached’s binary protocol leading to the remote execution of arbitrary code. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id96243
    published2017-01-03
    reporterThis script is Copyright (C) 2017 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/96243
    titleGLSA-201701-12 : memcached: Multiple vulnerabilities
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-2819.NASL
    descriptionAn update for memcached is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Security Fix(es) : * Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705) * An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached
    last seen2020-06-01
    modified2020-06-02
    plugin id95291
    published2016-11-23
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95291
    titleRHEL 7 : memcached (RHSA-2016:2819)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-701.NASL
    descriptionMultiple vulnerabilites have been found in memcached, a high-performance memory object caching system. A remote attacker could take advantage of these flaws to cause a denial of service (daemon crash), or potentially to execute arbitrary code. CVE-2013-7291 It was discovered that memcached, when running in verbose mode, can be crashed by sending carefully crafted requests that trigger an unbounded key print, resulting in a daemon crash. CVE-2016-8704, CVE-2016-8705, CVE-2016-8706 Aleksandar Nikolic of Cisco Talos found several vulnerabilities in memcached. A remote attacker could cause an integer overflow by sending carefully crafted requests to the memcached server, resulting in a daemon crash. For Debian 7
    last seen2020-03-17
    modified2016-11-07
    plugin id94584
    published2016-11-07
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94584
    titleDebian DLA-701-1 : memcached security update
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_F4BF713F6AC74B76898047BF90C5419F.NASL
    descriptionCisco Talos reports : Multiple integer overflow vulnerabilities exist within Memcached that could be exploited to achieve remote code execution on the targeted system. These vulnerabilities manifest in various Memcached functions that are used in inserting, appending, prepending, or modifying key-value data pairs. Systems which also have Memcached compiled with support for SASL authentication are also vulnerable to a third flaw due to how Memcached handles SASL authentication commands. An attacker could exploit these vulnerabilities by sending a specifically crafted Memcached command to the targeted server. Additionally, these vulnerabilities could also be exploited to leak sensitive process information which an attacker could use to bypass common exploitation mitigations, such as ASLR, and can be triggered multiple times. This enables reliable exploitation which makes these vulnerabilities severe.
    last seen2020-06-01
    modified2020-06-02
    plugin id94459
    published2016-11-02
    reporterThis script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94459
    titleFreeBSD : memcached -- multiple vulnerabilities (f4bf713f-6ac7-4b76-8980-47bf90c5419f)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3704.NASL
    descriptionAleksandar Nikolic of Cisco Talos discovered several integer overflow vulnerabilities in memcached, a high-performance memory object caching system. A remote attacker can take advantage of these flaws to cause a denial of service (daemon crash), or potentially to execute arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id94521
    published2016-11-04
    reporterThis script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94521
    titleDebian DSA-3704-1 : memcached - security update
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20161123_MEMCACHED_ON_SL6_X.NASL
    descriptionSecurity Fix(es) : - Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705)
    last seen2020-03-18
    modified2016-11-23
    plugin id95293
    published2016-11-23
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95293
    titleScientific Linux Security Update : memcached on SL6.x i386/x86_64 (20161123)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1396.NASL
    descriptionAccording to the versions of the memcached package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An integer overflow flaw, leading to a heap-based buffer overflow, was found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code.(CVE-2016-8704) - An integer overflow flaw, leading to a heap-based buffer overflow, was found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code.(CVE-2016-8705) - An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached
    last seen2020-06-01
    modified2020-06-02
    plugin id124899
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124899
    titleEulerOS Virtualization for ARM 64 3.0.1.0 : memcached (EulerOS-SA-2019-1396)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2213.NASL
    descriptionAccording to the versions of the memcached package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.(CVE-2018-1000115) - The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8705.(CVE-2017-9951) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-08
    modified2019-11-08
    plugin id130675
    published2019-11-08
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130675
    titleEulerOS 2.0 SP5 : memcached (EulerOS-SA-2019-2213)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-2820.NASL
    descriptionAn update for memcached is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Security Fix(es) : * Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705)
    last seen2020-06-01
    modified2020-06-02
    plugin id95292
    published2016-11-23
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95292
    titleRHEL 6 : memcached (RHSA-2016:2820)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1033.NASL
    descriptionIt was discovered that there was a remote denial of service (DoS) vulnerability in memcached, a high-performance memory object caching system. The try_read_command function allowed remote attackers to cause a DoS via a request to add/set a key that makes a comparison between a signed and unsigned integer which triggered a heap-based buffer over-read. This vulnerability existed due to an incomplete upstream fix for CVE-2016-8705. For Debian 7
    last seen2020-03-17
    modified2017-07-21
    plugin id101856
    published2017-07-21
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/101856
    titleDebian DLA-1033-1 : memcached security update
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2631.NASL
    descriptionAccording to the versions of the memcached package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.(CVE-2018-1000115) - The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8705.(CVE-2017-9951) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-08
    modified2019-12-18
    plugin id132166
    published2019-12-18
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132166
    titleEulerOS 2.0 SP3 : memcached (EulerOS-SA-2019-2631)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-0C4E822340.NASL
    descriptionUpdate to the latest upstream release, which fixes CVE-2016-8704, CVE-2016-8705, CVE-2016-8706. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-12-08
    plugin id95611
    published2016-12-08
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95611
    titleFedora 25 : memcached (2016-0c4e822340)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4218.NASL
    descriptionSeveral vulnerabilities were discovered in memcached, a high-performance memory object caching system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2017-9951 Daniel Shapira reported a heap-based buffer over-read in memcached (resulting from an incomplete fix for CVE-2016-8705 ) triggered by specially crafted requests to add/set a key and allowing a remote attacker to cause a denial of service. - CVE-2018-1000115 It was reported that memcached listens to UDP by default. A remote attacker can take advantage of it to use the memcached service as a DDoS amplifier. Default installations of memcached in Debian are not affected by this issue as the installation defaults to listen only on localhost. This update disables the UDP port by default. Listening on the UDP can be re-enabled in the /etc/memcached.conf (cf. /usr/share/doc/memcached/NEWS.Debian.gz). - CVE-2018-1000127 An integer overflow was reported in memcached, resulting in resource leaks, data corruption, deadlocks or crashes.
    last seen2020-06-01
    modified2020-06-02
    plugin id110386
    published2018-06-07
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/110386
    titleDebian DSA-4218-1 : memcached - security update
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2391.NASL
    descriptionAccording to the versions of the memcached package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8705.(CVE-2017-9951) - Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.(CVE-2018-1000115) - memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.(CVE-2018-1000127) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-08
    modified2019-12-10
    plugin id131883
    published2019-12-10
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131883
    titleEulerOS 2.0 SP2 : memcached (EulerOS-SA-2019-2391)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1314.NASL
    descriptionThis update for memcached fixes the following security issues : - CVE-2016-8704: Server append/prepend remote code execution (boo#1007871) - CVE-2016-8705: Server update remote code execution (boo#1007870) - CVE-2016-8706: Server ASL authentication remote code execution (boo#1007869) In addition, memcached was updated to 1.4.33 to include all upstream improvements and bugfixes.
    last seen2020-06-05
    modified2016-11-18
    plugin id94949
    published2016-11-18
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/94949
    titleopenSUSE Security Update : memcached (openSUSE-2016-1314)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2016-2820.NASL
    descriptionAn update for memcached is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Security Fix(es) : * Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705)
    last seen2020-06-01
    modified2020-06-02
    plugin id95372
    published2016-11-29
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95372
    titleCentOS 6 : memcached (CESA-2016:2820)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20161123_MEMCACHED_ON_SL7_X.NASL
    descriptionSecurity Fix(es) : - Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705) - An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached
    last seen2020-03-18
    modified2016-12-15
    plugin id95866
    published2016-12-15
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95866
    titleScientific Linux Security Update : memcached on SL7.x x86_64 (20161123)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2016-761.NASL
    descriptionAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704 , CVE-2016-8705) An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached
    last seen2020-06-01
    modified2020-06-02
    plugin id94681
    published2016-11-11
    reporterThis script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/94681
    titleAmazon Linux AMI : memcached (ALAS-2016-761)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-4DF986A71F.NASL
    descriptionSecurity fix for CVE-2016-8704, CVE-2016-8705, CVE-2016-8706 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-11-15
    plugin id94804
    published2016-11-15
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94804
    titleFedora 23 : memcached (2016-4df986a71f)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1313.NASL
    descriptionThis update for memcached fixes the following security issues : - CVE-2016-8704: Server append/prepend remote code execution (boo#1007871) - CVE-2016-8705: Server update remote code execution (boo#1007870) - CVE-2016-8706: Server ASL authentication remote code execution (boo#1007869)
    last seen2020-06-05
    modified2016-11-18
    plugin id94948
    published2016-11-18
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/94948
    titleopenSUSE Security Update : memcached (openSUSE-2016-1313)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2016-2819.NASL
    descriptionAn update for memcached is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Security Fix(es) : * Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705) * An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached
    last seen2020-06-01
    modified2020-06-02
    plugin id95356
    published2016-11-28
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95356
    titleCentOS 7 : memcached (CESA-2016:2819)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-66C70CADB4.NASL
    descriptionSecurity fix for CVE-2016-8704, CVE-2016-8705, CVE-2016-8706 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-11-15
    plugin id94814
    published2016-11-15
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94814
    titleFedora 24 : memcached (2016-66c70cadb4)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2016-2819.NASL
    descriptionFrom Red Hat Security Advisory 2016:2819 : An update for memcached is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Security Fix(es) : * Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705) * An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached
    last seen2020-06-01
    modified2020-06-02
    plugin id95276
    published2016-11-23
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95276
    titleOracle Linux 7 : memcached (ELSA-2016-2819)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2016-1086.NASL
    descriptionAccording to the versions of the memcached package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705) - An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached
    last seen2020-05-06
    modified2017-05-01
    plugin id99845
    published2017-05-01
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/99845
    titleEulerOS 2.0 SP1 : memcached (EulerOS-SA-2016-1086)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1435.NASL
    descriptionAccording to the versions of the memcached package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a request that triggers an
    last seen2020-06-01
    modified2020-06-02
    plugin id124938
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124938
    titleEulerOS Virtualization 3.0.1.0 : memcached (EulerOS-SA-2019-1435)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2016-2820.NASL
    descriptionFrom Red Hat Security Advisory 2016:2820 : An update for memcached is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Security Fix(es) : * Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705)
    last seen2020-06-01
    modified2020-06-02
    plugin id95277
    published2016-11-23
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95277
    titleOracle Linux 6 : memcached (ELSA-2016-2820)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3120-1.NASL
    descriptionAleksandar Nikolic discovered that Memcached incorrectly handled certain malformed commands. A remote attacker could use this issue to cause Memcached to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id94509
    published2016-11-03
    reporterUbuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94509
    titleUbuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : memcached vulnerabilities (USN-3120-1)

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/139572/memcache-poc.txt
idPACKETSTORM:139572
last seen2016-12-05
published2016-11-03
reporterdawu
sourcehttps://packetstormsecurity.com/files/139572/Memcached-1.4.33-Proof-Of-Concept.html
titleMemcached 1.4.33 Proof Of Concept

Redhat

advisories
  • bugzilla
    id1390511
    titleCVE-2016-8705 memcached: Server update remote code execution
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 6 is installed
        ovaloval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • commentmemcached-devel is earlier than 0:1.4.4-3.el6_8.1
            ovaloval:com.redhat.rhsa:tst:20162820001
          • commentmemcached-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20162819002
        • AND
          • commentmemcached is earlier than 0:1.4.4-3.el6_8.1
            ovaloval:com.redhat.rhsa:tst:20162820003
          • commentmemcached is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20162819004
    rhsa
    idRHSA-2016:2820
    released2016-11-23
    severityImportant
    titleRHSA-2016:2820: memcached security update (Important)
  • rhsa
    idRHSA-2016:2819
  • rhsa
    idRHSA-2017:0059
rpms
  • memcached-0:1.4.15-10.el7_3.1
  • memcached-debuginfo-0:1.4.15-10.el7_3.1
  • memcached-devel-0:1.4.15-10.el7_3.1
  • memcached-0:1.4.4-3.el6_8.1
  • memcached-debuginfo-0:1.4.4-3.el6_8.1
  • memcached-devel-0:1.4.4-3.el6_8.1
  • rhmap-fh-openshift-templates-0:1.0.0-5.el7

Talos

idTALOS-2016-0220
last seen2019-05-29
published2016-10-31
reporterTalos Intelligence
sourcehttp://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0220
titleMemcached Server Update Remote Code Execution Vulnerability

The Hacker News