Mandriva Linux Security Advisory : memcached (MDVSA-2014:010)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote Mandriva Linux host is missing one or more security
updates.

Description :

Multiple vulnerabilities has been discovered and corrected in
memcached :

The process_bin_delete function in memcached.c in memcached 1.4.4 and
other versions before 1.4.17, when running in verbose mode, allows
remote attackers to cause a denial of service (segmentation fault) via
a request to delete a key, which does not account for the lack of a
null terminator in the key and triggers a buffer over-read when
printing to stderr (CVE-2013-0179).

memcached before 1.4.17 allows remote attackers to bypass
authentication by sending an invalid request with SASL credentials,
then sending another request with incorrect SASL credentials
(CVE-2013-7239).

The do_item_get function in items.c in memcached 1.4.4 and other
versions before 1.4.17, when running in verbose mode, allows remote
attackers to cause a denial of service (segmentation fault) via a
request to delete a key, which does not account for the lack of a null
terminator in the key and triggers a buffer over-read when printing to
stderr, a different vulnerability than CVE-2013-0179 (CVE-2013-7290).

memcached before 1.4.17, when running in verbose mode, allows remote
attackers to cause a denial of service (crash) via a request that
triggers an unbounded key print during logging, related to an issue
that was quickly grepped out of the source tree, a different
vulnerability than CVE-2013-0179 and CVE-2013-7290 (CVE-2013-7291).

The updated packages have been upgraded to the 1.4.17 version which is
unaffected by these issues.

See also :

https://code.google.com/p/memcached/wiki/ReleaseNotes1417

Solution :

Update the affected memcached and / or memcached-devel packages.

Risk factor :

Medium / CVSS Base Score : 4.8
(CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:N)
CVSS Temporal Score : 4.2
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Mandriva Local Security Checks

Nessus Plugin ID: 72024 ()

Bugtraq ID: 64559
64978
64988
64989

CVE ID: CVE-2013-0179
CVE-2013-7239
CVE-2013-7290
CVE-2013-7291

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now