Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ALAS-2016-761

Related Vulnerabilities: CVE-2016-8704   CVE-2016-8705   CVE-2016-8706  

An integer overflow flaw, leading to a heap-based buffer overflow, was found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705) An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached's parsing of SASL authentication messages. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8706)

Source

ALAS-2016-761

Amazon Linux AMI Security Advisory: ALAS-2016-761
Advisory Release Date: 2016-11-10 18:00 Pacific
Advisory Updated Date: 2016-11-10 18:00 Pacific
Severity: Important
Issue Overview:

An integer overflow flaw, leading to a heap-based buffer overflow, was found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705)

An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached's parsing of SASL authentication messages. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8706)


Affected Packages:

memcached


Issue Correction:
Run yum update memcached to update your system.

New Packages:
i686:
    memcached-1.4.15-9.13.amzn1.i686
    memcached-debuginfo-1.4.15-9.13.amzn1.i686
    memcached-devel-1.4.15-9.13.amzn1.i686

src:
    memcached-1.4.15-9.13.amzn1.src

x86_64:
    memcached-1.4.15-9.13.amzn1.x86_64
    memcached-devel-1.4.15-9.13.amzn1.x86_64
    memcached-debuginfo-1.4.15-9.13.amzn1.x86_64

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started