Vulnerabilities > CVE-2016-8705 - Integer Overflow or Wraparound vulnerability in Memcached
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Forced Integer Overflow This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.
Nessus
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201701-12.NASL description The remote host is affected by the vulnerability described in GLSA-201701-12 (memcached: Multiple vulnerabilities) Multiple integer overflow vulnerabilities were discovered in memcached. Please review the CVE identifiers and Cisco TALOS reports referenced below for details. Impact : A remote attacker could abuse memcached’s binary protocol leading to the remote execution of arbitrary code. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 96243 published 2017-01-03 reporter This script is Copyright (C) 2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/96243 title GLSA-201701-12 : memcached: Multiple vulnerabilities NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2016-2819.NASL description An update for memcached is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Security Fix(es) : * Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705) * An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached last seen 2020-06-01 modified 2020-06-02 plugin id 95291 published 2016-11-23 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95291 title RHEL 7 : memcached (RHSA-2016:2819) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-701.NASL description Multiple vulnerabilites have been found in memcached, a high-performance memory object caching system. A remote attacker could take advantage of these flaws to cause a denial of service (daemon crash), or potentially to execute arbitrary code. CVE-2013-7291 It was discovered that memcached, when running in verbose mode, can be crashed by sending carefully crafted requests that trigger an unbounded key print, resulting in a daemon crash. CVE-2016-8704, CVE-2016-8705, CVE-2016-8706 Aleksandar Nikolic of Cisco Talos found several vulnerabilities in memcached. A remote attacker could cause an integer overflow by sending carefully crafted requests to the memcached server, resulting in a daemon crash. For Debian 7 last seen 2020-03-17 modified 2016-11-07 plugin id 94584 published 2016-11-07 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/94584 title Debian DLA-701-1 : memcached security update NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_F4BF713F6AC74B76898047BF90C5419F.NASL description Cisco Talos reports : Multiple integer overflow vulnerabilities exist within Memcached that could be exploited to achieve remote code execution on the targeted system. These vulnerabilities manifest in various Memcached functions that are used in inserting, appending, prepending, or modifying key-value data pairs. Systems which also have Memcached compiled with support for SASL authentication are also vulnerable to a third flaw due to how Memcached handles SASL authentication commands. An attacker could exploit these vulnerabilities by sending a specifically crafted Memcached command to the targeted server. Additionally, these vulnerabilities could also be exploited to leak sensitive process information which an attacker could use to bypass common exploitation mitigations, such as ASLR, and can be triggered multiple times. This enables reliable exploitation which makes these vulnerabilities severe. last seen 2020-06-01 modified 2020-06-02 plugin id 94459 published 2016-11-02 reporter This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/94459 title FreeBSD : memcached -- multiple vulnerabilities (f4bf713f-6ac7-4b76-8980-47bf90c5419f) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-3704.NASL description Aleksandar Nikolic of Cisco Talos discovered several integer overflow vulnerabilities in memcached, a high-performance memory object caching system. A remote attacker can take advantage of these flaws to cause a denial of service (daemon crash), or potentially to execute arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 94521 published 2016-11-04 reporter This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/94521 title Debian DSA-3704-1 : memcached - security update NASL family Scientific Linux Local Security Checks NASL id SL_20161123_MEMCACHED_ON_SL6_X.NASL description Security Fix(es) : - Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705) last seen 2020-03-18 modified 2016-11-23 plugin id 95293 published 2016-11-23 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95293 title Scientific Linux Security Update : memcached on SL6.x i386/x86_64 (20161123) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1396.NASL description According to the versions of the memcached package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An integer overflow flaw, leading to a heap-based buffer overflow, was found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code.(CVE-2016-8704) - An integer overflow flaw, leading to a heap-based buffer overflow, was found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code.(CVE-2016-8705) - An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached last seen 2020-06-01 modified 2020-06-02 plugin id 124899 published 2019-05-14 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124899 title EulerOS Virtualization for ARM 64 3.0.1.0 : memcached (EulerOS-SA-2019-1396) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-2213.NASL description According to the versions of the memcached package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.(CVE-2018-1000115) - The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8705.(CVE-2017-9951) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-08 modified 2019-11-08 plugin id 130675 published 2019-11-08 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130675 title EulerOS 2.0 SP5 : memcached (EulerOS-SA-2019-2213) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2016-2820.NASL description An update for memcached is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Security Fix(es) : * Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705) last seen 2020-06-01 modified 2020-06-02 plugin id 95292 published 2016-11-23 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95292 title RHEL 6 : memcached (RHSA-2016:2820) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-1033.NASL description It was discovered that there was a remote denial of service (DoS) vulnerability in memcached, a high-performance memory object caching system. The try_read_command function allowed remote attackers to cause a DoS via a request to add/set a key that makes a comparison between a signed and unsigned integer which triggered a heap-based buffer over-read. This vulnerability existed due to an incomplete upstream fix for CVE-2016-8705. For Debian 7 last seen 2020-03-17 modified 2017-07-21 plugin id 101856 published 2017-07-21 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/101856 title Debian DLA-1033-1 : memcached security update NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-2631.NASL description According to the versions of the memcached package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.(CVE-2018-1000115) - The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8705.(CVE-2017-9951) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-08 modified 2019-12-18 plugin id 132166 published 2019-12-18 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/132166 title EulerOS 2.0 SP3 : memcached (EulerOS-SA-2019-2631) NASL family Fedora Local Security Checks NASL id FEDORA_2016-0C4E822340.NASL description Update to the latest upstream release, which fixes CVE-2016-8704, CVE-2016-8705, CVE-2016-8706. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2016-12-08 plugin id 95611 published 2016-12-08 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95611 title Fedora 25 : memcached (2016-0c4e822340) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4218.NASL description Several vulnerabilities were discovered in memcached, a high-performance memory object caching system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2017-9951 Daniel Shapira reported a heap-based buffer over-read in memcached (resulting from an incomplete fix for CVE-2016-8705 ) triggered by specially crafted requests to add/set a key and allowing a remote attacker to cause a denial of service. - CVE-2018-1000115 It was reported that memcached listens to UDP by default. A remote attacker can take advantage of it to use the memcached service as a DDoS amplifier. Default installations of memcached in Debian are not affected by this issue as the installation defaults to listen only on localhost. This update disables the UDP port by default. Listening on the UDP can be re-enabled in the /etc/memcached.conf (cf. /usr/share/doc/memcached/NEWS.Debian.gz). - CVE-2018-1000127 An integer overflow was reported in memcached, resulting in resource leaks, data corruption, deadlocks or crashes. last seen 2020-06-01 modified 2020-06-02 plugin id 110386 published 2018-06-07 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110386 title Debian DSA-4218-1 : memcached - security update NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-2391.NASL description According to the versions of the memcached package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8705.(CVE-2017-9951) - Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.(CVE-2018-1000115) - memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.(CVE-2018-1000127) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-08 modified 2019-12-10 plugin id 131883 published 2019-12-10 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131883 title EulerOS 2.0 SP2 : memcached (EulerOS-SA-2019-2391) NASL family SuSE Local Security Checks NASL id OPENSUSE-2016-1314.NASL description This update for memcached fixes the following security issues : - CVE-2016-8704: Server append/prepend remote code execution (boo#1007871) - CVE-2016-8705: Server update remote code execution (boo#1007870) - CVE-2016-8706: Server ASL authentication remote code execution (boo#1007869) In addition, memcached was updated to 1.4.33 to include all upstream improvements and bugfixes. last seen 2020-06-05 modified 2016-11-18 plugin id 94949 published 2016-11-18 reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/94949 title openSUSE Security Update : memcached (openSUSE-2016-1314) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2016-2820.NASL description An update for memcached is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Security Fix(es) : * Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705) last seen 2020-06-01 modified 2020-06-02 plugin id 95372 published 2016-11-29 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95372 title CentOS 6 : memcached (CESA-2016:2820) NASL family Scientific Linux Local Security Checks NASL id SL_20161123_MEMCACHED_ON_SL7_X.NASL description Security Fix(es) : - Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705) - An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached last seen 2020-03-18 modified 2016-12-15 plugin id 95866 published 2016-12-15 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95866 title Scientific Linux Security Update : memcached on SL7.x x86_64 (20161123) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2016-761.NASL description An integer overflow flaw, leading to a heap-based buffer overflow, was found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704 , CVE-2016-8705) An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached last seen 2020-06-01 modified 2020-06-02 plugin id 94681 published 2016-11-11 reporter This script is Copyright (C) 2016-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/94681 title Amazon Linux AMI : memcached (ALAS-2016-761) NASL family Fedora Local Security Checks NASL id FEDORA_2016-4DF986A71F.NASL description Security fix for CVE-2016-8704, CVE-2016-8705, CVE-2016-8706 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2016-11-15 plugin id 94804 published 2016-11-15 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/94804 title Fedora 23 : memcached (2016-4df986a71f) NASL family SuSE Local Security Checks NASL id OPENSUSE-2016-1313.NASL description This update for memcached fixes the following security issues : - CVE-2016-8704: Server append/prepend remote code execution (boo#1007871) - CVE-2016-8705: Server update remote code execution (boo#1007870) - CVE-2016-8706: Server ASL authentication remote code execution (boo#1007869) last seen 2020-06-05 modified 2016-11-18 plugin id 94948 published 2016-11-18 reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/94948 title openSUSE Security Update : memcached (openSUSE-2016-1313) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2016-2819.NASL description An update for memcached is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Security Fix(es) : * Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705) * An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached last seen 2020-06-01 modified 2020-06-02 plugin id 95356 published 2016-11-28 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95356 title CentOS 7 : memcached (CESA-2016:2819) NASL family Fedora Local Security Checks NASL id FEDORA_2016-66C70CADB4.NASL description Security fix for CVE-2016-8704, CVE-2016-8705, CVE-2016-8706 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2016-11-15 plugin id 94814 published 2016-11-15 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/94814 title Fedora 24 : memcached (2016-66c70cadb4) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2016-2819.NASL description From Red Hat Security Advisory 2016:2819 : An update for memcached is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Security Fix(es) : * Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705) * An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached last seen 2020-06-01 modified 2020-06-02 plugin id 95276 published 2016-11-23 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95276 title Oracle Linux 7 : memcached (ELSA-2016-2819) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2016-1086.NASL description According to the versions of the memcached package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705) - An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached last seen 2020-05-06 modified 2017-05-01 plugin id 99845 published 2017-05-01 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99845 title EulerOS 2.0 SP1 : memcached (EulerOS-SA-2016-1086) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1435.NASL description According to the versions of the memcached package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a request that triggers an last seen 2020-06-01 modified 2020-06-02 plugin id 124938 published 2019-05-14 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124938 title EulerOS Virtualization 3.0.1.0 : memcached (EulerOS-SA-2019-1435) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2016-2820.NASL description From Red Hat Security Advisory 2016:2820 : An update for memcached is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Security Fix(es) : * Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705) last seen 2020-06-01 modified 2020-06-02 plugin id 95277 published 2016-11-23 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95277 title Oracle Linux 6 : memcached (ELSA-2016-2820) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-3120-1.NASL description Aleksandar Nikolic discovered that Memcached incorrectly handled certain malformed commands. A remote attacker could use this issue to cause Memcached to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 94509 published 2016-11-03 reporter Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/94509 title Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : memcached vulnerabilities (USN-3120-1)
Packetstorm
data source | https://packetstormsecurity.com/files/download/139572/memcache-poc.txt |
id | PACKETSTORM:139572 |
last seen | 2016-12-05 |
published | 2016-11-03 |
reporter | dawu |
source | https://packetstormsecurity.com/files/139572/Memcached-1.4.33-Proof-Of-Concept.html |
title | Memcached 1.4.33 Proof Of Concept |
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
rpms |
|
Talos
id | TALOS-2016-0220 |
last seen | 2019-05-29 |
published | 2016-10-31 |
reporter | Talos Intelligence |
source | http://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0220 |
title | Memcached Server Update Remote Code Execution Vulnerability |
The Hacker News
id THN:0CB5E22FC1D91226BC56E430F1E31C62 last seen 2018-01-27 modified 2016-11-02 published 2016-11-01 reporter Swati Khandelwal source https://thehackernews.com/2016/11/memcached-hacking.html title Multiple Critical Remotely Exploitable Flaws Discovered in Memcached Caching System id THN:D62B44A1B8B3D803033457090AB49300 last seen 2018-01-27 modified 2017-07-18 published 2017-07-18 reporter Swati Khandelwal source https://thehackernews.com/2017/07/memcached-vulnerabilities.html title Over 70,000 Memcached Servers Still Vulnerable to Remote Hacking
References
- http://www.talosintelligence.com/reports/TALOS-2016-0220/
- http://www.securityfocus.com/bid/94083
- http://www.debian.org/security/2016/dsa-3704
- http://rhn.redhat.com/errata/RHSA-2016-2820.html
- http://rhn.redhat.com/errata/RHSA-2016-2819.html
- https://security.gentoo.org/glsa/201701-12
- http://www.securitytracker.com/id/1037333
- https://access.redhat.com/errata/RHSA-2017:0059