CVE-2017-9951

Published: 17/07/2017 Updated: 03/10/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The try_read_command function in memcached.c in memcached prior to 1.4.39 allows remote malicious users to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8705.

Vulnerable Product

memcached memcached

Vendor Advisories

Several security issues were fixed in Memcached ...
Debian Bug report logs - #868701 memcached: CVE-2017-9951: Heap-based buffer over-read in try_read_command function. Package: src:memcached; Maintainer for src:memcached is Guillaume Delacour <gui@iroqwa.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Mon, 17 Jul 2017 20:39:02 UTC; Severity: important ...
Debian Bug report logs - #894404 memcached: CVE-2018-1000127. Package: memcached; Maintainer for memcached is Guillaume Delacour <gui@iroqwa.org>; Source for memcached is src:memcached; Reported by: Antoine Beaupre <anarcat@orangeseeds.org>; Date: Thu, 29 Mar 2018 21:33:02 UTC; Severity: grave; Tags ...
Several vulnerabilities were discovered in memcached, a high-performance memory object caching system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2017-9951 Daniel Shapira reported a heap-based buffer over-read in memcached (resulting from an incomplete fix for CVE-2016-8705) triggered by spe ...
The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because of an incomplete fix for CVE-20 ...