Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-1000127

Опубликовано: 13 мар. 2018
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:memcached:memcached:*:*:*:*:*:*:*:*
Версия до 1.4.37 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
Конфигурация 4
cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*

EPSS

Процентиль: 77%
0.01002
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-190

Связанные уязвимости

ubuntu логотип

CVE-2018-1000127

CVSS3: 7.5
ubuntu
почти 8 лет назад

memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.

redhat логотип

CVE-2018-1000127

CVSS3: 6.5
redhat
почти 9 лет назад

memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.

debian логотип

CVE-2018-1000127

CVSS3: 7.5
debian
почти 8 лет назад

memcached version prior to 1.4.37 contains an Integer Overflow vulnera ...

github логотип

GHSA-xfxv-84p3-w8rg

CVSS3: 7.5
github
больше 3 лет назад

memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.

fstec логотип

BDU:2018-01496

CVSS3: 7.5
fstec
почти 8 лет назад

Уязвимость программного средства кэширования данных memcached, связанная с переполнением целых чисел, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 77%
0.01002
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-190