This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Cisco Talos reports :
Multiple integer overflow vulnerabilities exist within Memcached that
could be exploited to achieve remote code execution on the targeted
system. These vulnerabilities manifest in various Memcached functions
that are used in inserting, appending, prepending, or modifying
key-value data pairs. Systems which also have Memcached compiled with
support for SASL authentication are also vulnerable to a third flaw
due to how Memcached handles SASL authentication commands.
An attacker could exploit these vulnerabilities by sending a
specifically crafted Memcached command to the targeted server.
Additionally, these vulnerabilities could also be exploited to leak
sensitive process information which an attacker could use to bypass
common exploitation mitigations, such as ASLR, and can be triggered
multiple times. This enables reliable exploitation which makes these
See also :
Update the affected package.
Risk factor :
High / CVSS Base Score : 7.5