CVE-2013-0179

Published: Jan 13, 2014Modified: Apr 29, 2026

1.8

Vector

AV:A/AC:H/Au:N/C:N/I:N/A:P

Exploitability: 3.2 / Impact: 2.9

Source: NVD

Description

The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr.

Affected (13)

Products: Memcached: Memcached

1 product

Configuration A

13 vulnerable

Vulnerable Software	Affected Versions
Memcached Memcached	Version 1.4.10
Memcached Memcached	Version 1.4.11
Memcached Memcached	Version 1.4.12
Memcached Memcached	Version 1.4.13
Memcached Memcached	Version 1.4.14
Memcached Memcached	Version 1.4.15
Memcached Memcached	Version 1.4.16
Memcached Memcached	Version 1.4.4
Memcached Memcached	Version 1.4.5
Memcached Memcached	Version 1.4.6
Memcached Memcached	Version 1.4.7
Memcached Memcached	Version 1.4.8
Memcached Memcached	Version 1.4.9

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (18)

http://secunia.com/advisories/56183

Source: secalert@redhat.com

Vendor Advisory

http://www.openwall.com/lists/oss-security/2013/01/14/4

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2013/01/14/6

Source: secalert@redhat.com

http://www.securityfocus.com/bid/64978

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-2080-1

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=895054

Source: secalert@redhat.com

https://code.google.com/p/memcached/issues/attachmentText?id=306&aid=3060004000&name=0001-Fix-buffer-overrun-when-logging-key-to-delete-in-bin.patch&token=3GEzHThBL5cxmUrsYANkW03RrNY%3A1358179503096

Source: secalert@redhat.com

https://code.google.com/p/memcached/issues/detail?id=306

Source: secalert@redhat.com

ExploitPatch

https://code.google.com/p/memcached/wiki/ReleaseNotes1417

Source: secalert@redhat.com

http://secunia.com/advisories/56183

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.openwall.com/lists/oss-security/2013/01/14/4

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2013/01/14/6

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/64978

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/USN-2080-1

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=895054

Source: af854a3a-2127-422b-91ae-364da2661108

https://code.google.com/p/memcached/issues/attachmentText?id=306&aid=3060004000&name=0001-Fix-buffer-overrun-when-logging-key-to-delete-in-bin.patch&token=3GEzHThBL5cxmUrsYANkW03RrNY%3A1358179503096

Source: af854a3a-2127-422b-91ae-364da2661108

https://code.google.com/p/memcached/issues/detail?id=306

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

https://code.google.com/p/memcached/wiki/ReleaseNotes1417

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.