Memcached: >> Memcached >> 1.2.7 Security Vulnerabilities
memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials.
CVSS Score
4.8
EPSS Score
0.003
Published
2014-01-13
memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a request that triggers an "unbounded key print" during logging, related to an issue that was "quickly grepped out of the source tree," a different vulnerability than CVE-2013-0179 and CVE-2013-7290.
CVSS Score
1.8
EPSS Score
0.002
Published
2014-01-13
Multiple integer signedness errors in the (1) process_bin_sasl_auth, (2) process_bin_complete_sasl_auth, (3) process_bin_update, and (4) process_bin_append_prepend functions in Memcached 1.4.5 and earlier allow remote attackers to cause a denial of service (crash) via a large body length value in a packet.
CVSS Score
5.0
EPSS Score
0.461
Published
2013-12-12
Page 2