memcached remote seg fault

[Kurt Seifried <kseifried () redhat com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

So this was brought to my attention:

http://insecurety.net/?p=872

Memcached remote DoS (segmentation fault)

Works like a charm on Fedora 18 running Memcached 1.4.15 (the latest
stable).

Please use CVE-2013-2026 for this issue. I guess the good news is that
because memcached basically has no security most people run it within
closed networks, hopefully no-one is running these things publicly
like a lot of people used to (http://www.sensepost.com/blog/4873.html).


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRfxvMAAoJEBYNRVNeJnmTsLwQAKwV9n23cW0nCpReGYHSPBKH
y7wXHUyQufhcUdvfG1+sqTKR94T34nSz9HrmXLxmP4bZ0yIpkM/ogzWzlLCsn5w0
6MaAiUuVIxKIn4KO0FkQgQfPm7tm0ARx1ZwEv4DXyA9PpoijpGLo31NiTI6ULC7b
3sVDdtSiAAFPFqnaaWmzWDIufRK2NvG3wPQnO1WFtHhRQ/E2WOHN6WXYlrvDO/Rj
hFq14XITEUo0jaAunlV7CVHGvBge/WXSV7gVPZFux9Ra0om2YweaSqNT1YfMvs+r
B1yYTfrZx/uMmAho4Pl18ZFfu7QShViQrfp6iBAOxs4Wlu7vPN8HPXSR0cEIlprr
HU6WLy6DvHf6HnewP1gZHU8wk9wlG+Q9vS8zXBmiMyKt+sOMQSnva5qFVvPUGj9t
4yEgF5rBy01mUSTsfteTV41cbNGSQxwA2t75Xrs5IQj24Rt+lbm0oPJWG/I6IFzK
LPqgXh+cWcqUyA2ppBwalsAjaQHZbhhyqNl/RalV69zI0auR4o2Yss5jyDWcgBLl
Q82uhczXtgh4Z4M0LYomI/FLdyOz8QTXy62UJY7sLkp8KGJ6/M8lZc0UMzZJ5Qwr
o2LLDXjejgs4w9/Rz3LrpmOTs1nxfcBbmSM2fESOH04/HnRFxEhvtccEpVrTHIUe
j+tBbmXL3toah7k0HV16
=UiU8
-----END PGP SIGNATURE-----