oss-sec mailing list archives
memcached remote seg fault
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 29 Apr 2013 19:18:04 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 So this was brought to my attention: http://insecurety.net/?p=872 Memcached remote DoS (segmentation fault) Works like a charm on Fedora 18 running Memcached 1.4.15 (the latest stable). Please use CVE-2013-2026 for this issue. I guess the good news is that because memcached basically has no security most people run it within closed networks, hopefully no-one is running these things publicly like a lot of people used to (http://www.sensepost.com/blog/4873.html). - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJRfxvMAAoJEBYNRVNeJnmTsLwQAKwV9n23cW0nCpReGYHSPBKH y7wXHUyQufhcUdvfG1+sqTKR94T34nSz9HrmXLxmP4bZ0yIpkM/ogzWzlLCsn5w0 6MaAiUuVIxKIn4KO0FkQgQfPm7tm0ARx1ZwEv4DXyA9PpoijpGLo31NiTI6ULC7b 3sVDdtSiAAFPFqnaaWmzWDIufRK2NvG3wPQnO1WFtHhRQ/E2WOHN6WXYlrvDO/Rj hFq14XITEUo0jaAunlV7CVHGvBge/WXSV7gVPZFux9Ra0om2YweaSqNT1YfMvs+r B1yYTfrZx/uMmAho4Pl18ZFfu7QShViQrfp6iBAOxs4Wlu7vPN8HPXSR0cEIlprr HU6WLy6DvHf6HnewP1gZHU8wk9wlG+Q9vS8zXBmiMyKt+sOMQSnva5qFVvPUGj9t 4yEgF5rBy01mUSTsfteTV41cbNGSQxwA2t75Xrs5IQj24Rt+lbm0oPJWG/I6IFzK LPqgXh+cWcqUyA2ppBwalsAjaQHZbhhyqNl/RalV69zI0auR4o2Yss5jyDWcgBLl Q82uhczXtgh4Z4M0LYomI/FLdyOz8QTXy62UJY7sLkp8KGJ6/M8lZc0UMzZJ5Qwr o2LLDXjejgs4w9/Rz3LrpmOTs1nxfcBbmSM2fESOH04/HnRFxEhvtccEpVrTHIUe j+tBbmXL3toah7k0HV16 =UiU8 -----END PGP SIGNATURE-----
Current thread:
- memcached remote seg fault Kurt Seifried (Apr 29)
- Re: memcached remote seg fault Kurt Seifried (Apr 29)