Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-1000127

Опубликовано: 13 мар. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

Описание

memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.

РелизСтатусПримечание
artful

released

1.4.33-1ubuntu3.3
devel

not-affected

1.5.6-0ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [1.4.14-0ubuntu9.3]]
esm-infra/xenial

released

1.4.25-2ubuntu1.4
precise/esm

DNE

trusty

released

1.4.14-0ubuntu9.3
trusty/esm

DNE

trusty was released [1.4.14-0ubuntu9.3]
upstream

released

1.5.0-1
xenial

released

1.4.25-2ubuntu1.4

Показывать по

Ссылки на источники

EPSS

Процентиль: 77%
0.01002
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-1000127

CVSS3: 6.5
redhat
почти 9 лет назад

memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.

nvd логотип

CVE-2018-1000127

CVSS3: 7.5
nvd
почти 8 лет назад

memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.

debian логотип

CVE-2018-1000127

CVSS3: 7.5
debian
почти 8 лет назад

memcached version prior to 1.4.37 contains an Integer Overflow vulnera ...

github логотип

GHSA-xfxv-84p3-w8rg

CVSS3: 7.5
github
больше 3 лет назад

memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.

fstec логотип

BDU:2018-01496

CVSS3: 7.5
fstec
почти 8 лет назад

Уязвимость программного средства кэширования данных memcached, связанная с переполнением целых чисел, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 77%
0.01002
Низкий

5 Medium

CVSS2

7.5 High

CVSS3