Memcached < 1.4.3 No Newline Memory Consumption DoS

Medium Nessus Network Monitor Plugin ID 5514


The remote host is vulnerable to a denial of service attack.


The remote host is running memcached, a distributed memory object caching system. The installed version of memcached is earlier than 1.4.3. Such versions are potentially affected by a denial of service vulnerability because the application continues to read in new data, reallocating its input buffer until a newline character is received which could lead to excessive memory consumption. An attacker, exploiting this flaw, could crash the affected service.


Upgrade to memcached 1.4.3 or later.

See Also

Plugin Details

Severity: Medium

ID: 5514

File Name: 5514.prm

Family: Generic

Published: 2010/04/20

Modified: 2016/01/21

Nessus ID: 45579

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C


Base Score: 5.3

Temporal Score: 4.9


Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

Patch Publication Date: 2009/11/07

Vulnerability Publication Date: 2009/10/28

Reference Information

CVE: CVE-2010-1152

BID: 39577