Описание
ELSA-2016-2819: memcached security update (IMPORTANT)
[0:1.4.15-10.el7_3.1]
- fix vulnerabilities allowing remote code execution (CVE-2016-8704, CVE-2016-8705, CVE-2016-8706)
[0:1.4.15-10]
- fix binding to IPv6 address (#1298603)
- enable SASL support (#1263696)
- don't allow authentication with bad SASL credentials (CVE-2013-7239)
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
memcached
1.4.15-10.el7_3.1
memcached-devel
1.4.15-10.el7_3.1
Oracle Linux x86_64
memcached
1.4.15-10.el7_3.1
memcached-devel
1.4.15-10.el7_3.1
Связанные CVE
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 8 лет назад
An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
CVSS3: 9.8
redhat
почти 9 лет назад
An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.