MGASA-2014-0018

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2014-0018.html

Import Source

https://advisories.mageia.org/MGASA-2014-0018.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2014-0018

Related

Published

2014-01-21T16:14:47Z

Modified

2014-01-21T16:14:43Z

Summary

Updated memcached package fixes multiple security vulnerabilities

Details

Updated memcached packages fix security vulnerability:

It was reported that SASL authentication could be bypassed due to a flaw related to the managment of the SASL authentication state. With a specially crafted request, a remote attacker may be able to authenticate with invalid SASL credentials (CVE-2013-7239).

Multiple issues in memcached before 1.4.17 which allow remote attackers to cause a denial of service by sending a request that causes a crash when memcached is running in verbose mode (CVE-2013-0179, CVE-2013-7290, CVE-2013-7291).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:3 / memcached

Package

Name: memcached
Purl: pkg:rpm/mageia/memcached?distro=mageia-3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.17-1.mga3

Ecosystem specific

{
    "section": "core"
}