Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2011-4971

Published: 12/12/2013 Updated: 25/03/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Memcached

Vulnerability Summary

Multiple integer signedness errors in the (1) process_bin_sasl_auth, (2) process_bin_complete_sasl_auth, (3) process_bin_update, and (4) process_bin_append_prepend functions in Memcached 1.4.5 and previous versions allow remote malicious users to cause a denial of service (crash) via a large body length value in a packet.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

memcached memcached 1.4.0

memcached memcached 1.2.7

memcached memcached

memcached memcached 1.2.8

memcached memcached 1.4.4

memcached memcached 1.4.3

memcached memcached 1.4.2

memcached memcached 1.4.1

Vendor Advisories

Ubuntu Security Notice: memcached vulnerabilities
Several security issues were fixed in Memcached ...
Debian Security Advisories: DSA-2832-1 memcached -- several vulnerabilities
Multiple vulnerabilities have been found in memcached, a high-performance memory object caching system The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2011-4971 Stefan Bucur reported that memcached could be caused to crash by sending a specially crafted packet CVE-2013-7239 It was reported that S ...
Debian CVElist Bug Report Logs: memcached: CVE-2011-4971: remote denial of service
Debian Bug report logs - #706426 memcached: CVE-2011-4971: remote denial of service Package: memcached; Maintainer for memcached is Guillaume Delacour <gui@iroqwaorg>; Source for memcached is src:memcached (PTS, buildd, popcon) Reported by: Henri Salo <henri@nervfi> Date: Tue, 30 Apr 2013 06:30:02 UTC Severity: im ...
Debian CVElist Bug Report Logs: memcached: CVE-2013-7239: SASL authentication allows wrong credentials to access memcache
Debian Bug report logs - #733643 memcached: CVE-2013-7239: SASL authentication allows wrong credentials to access memcache Package: memcached; Maintainer for memcached is Guillaume Delacour <gui@iroqwaorg>; Source for memcached is src:memcached (PTS, buildd, popcon) Reported by: Salvatore Bonaccorso <carnil@debianorg&gt ...
Debian CVElist Bug Report Logs: memcached: CVE-2013-0179
Debian Bug report logs - #698231 memcached: CVE-2013-0179 Package: memcached; Maintainer for memcached is Guillaume Delacour <gui@iroqwaorg>; Source for memcached is src:memcached (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Tue, 15 Jan 2013 16:33:02 UTC Severity: grave Tags: patch, ...

Github Repositories

https://github.com/secure-rewind-and-discard/sdrad_utils

SDRaD Evaluations This repository contains useful scripts and commands for evaluating SDRaD Memcached To measure the restart time of a Dockerized Memcached, use the following commands: Measuring Docker Restart Time docker run -d --restart unless-stopped -p 11211:11211 memcached docker system events --filter 'event=start' --filter 'event=die' | cut -d : -f

References

CWE-189http://www.mandriva.com/security/advisories?name=MDVSA-2013:280https://code.google.com/p/memcached/issues/detail?id=192http://insecurety.net/?p=872http://secunia.com/advisories/56183http://www.debian.org/security/2014/dsa-2832http://www.ubuntu.com/usn/USN-2080-1https://puppet.com/security/cve/cve-2011-4971http://www.securityfocus.com/bid/59567https://usn.ubuntu.com/2080-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946CVE-2024-30309CVE-2024-4761CVE-2024-30051type confusionmemory leakCVE-2024-30293reflected XSSCVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook