Memory corruption in memcached - CVE-2013-7291
Published: March 29, 2018
Vulnerability identifier: #VU11322
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2013-7291
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Memcached
Affected software:
memcached
memcached
Detailed vulnerability description
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to boundary error when running in verbose mode. A remote attacker can submit a specially crafted request that triggers an "unbounded key print" during logging, related to an issue that was "quickly grepped out of the source tree", and cause the service to crash.
The weakness exists due to boundary error when running in verbose mode. A remote attacker can submit a specially crafted request that triggers an "unbounded key print" during logging, related to an issue that was "quickly grepped out of the source tree", and cause the service to crash.
How to mitigate CVE-2013-7291
Update to version 1.4.17.