vulnerability
Oracle Linux: CVE-2016-8706: ELSA-2016-2819: memcached security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:H/Au:N/C:C/I:C/A:C) | Oct 31, 2016 | Nov 23, 2016 | Nov 29, 2024 |
Severity
8
CVSS
(AV:N/AC:H/Au:N/C:C/I:C/A:C)
Published
Oct 31, 2016
Added
Nov 23, 2016
Modified
Nov 29, 2024
Description
An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached's parsing of SASL authentication messages. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code.
An integer overflow flaw, leading to a heap-based buffer overflow, was found in memcached's parsing of SASL authentication messages. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code.
Solution(s)
oracle-linux-upgrade-memcachedoracle-linux-upgrade-memcached-devel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.