DSA-2832-1 memcached -- severalID: oval:org.secpod.oval:def:601189 | Date: (C)2014-01-08 (M)2022-10-10 |
Class: PATCH | Family: unix |
Multiple vulnerabilities have been found in memcached, a high-performance memory object caching system. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2011-4971 Stefan Bucur reported that memcached could be caused to crash by sending a specially crafted packet. CVE-2013-7239 It was reported that SASL authentication could be bypassed due to a flaw related to the managment of the SASL authentication state. With a specially crafted request, a remote attacker may be able to authenticate with invalid SASL credentials. For the oldstable distribution , these problems have been fixed in version 1.4.5-1+deb6u1. Note that the patch for CVE-2013-7239 was not applied
Platform: |
Debian 7.0 |
Debian 6.0 |