oss-sec mailing list archives

CVE request: memcached DoS when printing out keys to be deleted in verbose mode


From: Vincent Danen <vdanen () redhat com>
Date: Mon, 14 Jan 2013 10:13:28 -0700

We got a report about a DoS in memcached when run with -vv (verbose
mode) and a request to delete a key is sent to the server (via memrm).
Because memcached doesn't null terminate the keys as it prints them,
fprintf may run off the end of the buffer.

This isn't a very significant issue (even without SSP/FORTIFY_SOURCE if
you could do something more malicious, memcached won't run as root).
Also note the docs indicate that memcached should only be accessible via
trusted users/hosts and not the internet at large, so the exposure
should be minimal.

References:

https://bugzilla.redhat.com/show_bug.cgi?id=895054
https://code.google.com/p/memcached/issues/detail?id=306
https://code.google.com/p/memcached/issues/attachmentText?id=306&aid=3060004000&name=0001-Fix-buffer-overrun-when-logging-key-to-delete-in-bin.patch&token=3GEzHThBL5cxmUrsYANkW03RrNY%3A1358179503096

Could a CVE be assigned for this?  Thanks.

--
Vincent Danen / Red Hat Security Response Team
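
The failure mode reported above, as an added example that is not part of the original message and is not the memcached patch: a key carried as pointer plus length is logged by reading exactly `nkey` bytes instead of relying on a terminating NUL. The names `format_key`, `log_delete` and `sample_packet` are hypothetical, and the packet bytes are constructed.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: a request buffer in which a 5-byte key is followed
 * directly by unrelated bytes, with no NUL terminator after the key. */
static const char sample_packet[] = { 'k','e','y','_','1','S','E','C','R','E','T' };
#define SAMPLE_NKEY 5

/* Unsafe pattern described in the report (shown only as a comment):
 *     fprintf(stderr, "Deleting %s\n", key);
 * "%s" reads until it meets a NUL byte, so it walks past the key and
 * possibly past the end of the buffer. A minimal bounded form is
 *     fprintf(stderr, "Deleting %.*s\n", (int)nkey, key);
 * The helper below also neutralises control bytes before logging. */

/* Copy a length-delimited key into out. Reads at most nkey bytes of key,
 * replaces non-printable bytes with '.', and always NUL-terminates out.
 * Returns the number of key bytes written (fewer than nkey if out is small). */
size_t format_key(char *out, size_t outsz, const char *key, size_t nkey)
{
    size_t i, n;
    if (outsz == 0)
        return 0;
    n = nkey < outsz - 1 ? nkey : outsz - 1;
    for (i = 0; i < n; i++)
        out[i] = isprint((unsigned char)key[i]) ? key[i] : '.';
    out[n] = '\0';
    return n;
}

/* Verbose-mode style logging built on the bounded formatter. */
size_t log_delete(FILE *fp, const char *key, size_t nkey)
{
    char buf[251];   /* memcached keys are at most 250 bytes, plus NUL */
    size_t n = format_key(buf, sizeof buf, key, nkey);
    fprintf(fp, "Deleting %s\n", buf);
    return n;
}

int main(void)
{
    log_delete(stderr, sample_packet, SAMPLE_NKEY);
    return 0;
}
```

Replacing non-printable bytes also keeps a key that contains newlines or escape sequences from forging or corrupting log lines.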
