SecurityTracker.com
SecurityTracker
Archives
Category: Application (Generic) > memcached
Vendors: Danga Interactive
memcached Buffer Overflows in process_bin Functions Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID: 1037333
SecurityTracker URL: http://securitytracker.com/id/1037333
CVE Reference: CVE-2016-8704, CVE-2016-8705, CVE-2016-8706
Date: Nov 23 2016
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 1.4.31; possibly other versions
Description: Three vulnerabilities were reported in memcached's handling of its binary protocol. Each is a buffer overflow in one of the process_bin_* request handlers and is reached by any client able to connect to the service port; a remote user can exploit them to execute arbitrary code on the target system.

A remote user can send specially crafted memcached binary protocol commands to trigger a buffer overflow in the process_bin_append_prepend() function (the handler for append and prepend requests) and execute arbitrary code on the target system [CVE-2016-8704].

A remote user can send specially crafted memcached binary protocol commands to trigger a buffer overflow in the process_bin_update() function (the handler for set, add and replace requests) and execute arbitrary code on the target system [CVE-2016-8705].

A remote user can send specially crafted memcached binary protocol commands to trigger a buffer overflow in the process_bin_sasl_auth() function and execute arbitrary code on the target system [CVE-2016-8706]. Because this handler processes the SASL authentication request itself, the overflow is reached while the server is still handling the authentication attempt, before any credentials have been validated.
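The following is an added example written for this page; it is not memcached's own source, and the packet bytes it uses are constructed. The advisories above describe overflows in handlers that derive a value length from the request's client-controlled 32-bit body-length field minus the key and extras lengths. The example parses the fixed 24-byte binary-protocol request header, shows the unchecked signed subtraction going negative for a body shorter than the key and extras it claims (and reaching INT_MAX for a huge one), and places beside it the check a hardened handler needs: compare in unsigned arithmetic before subtracting and cap the value at what the caller will actually allocate. The cap is a parameter here; memcached's real limit is its configured item size.

```c
/*
 * Added example (not memcached's own code): parse a memcached binary-protocol
 * request header and validate the value length before any allocation, next
 * to the unchecked arithmetic the advisories describe.
 * All packets below are constructed for this example.
 */
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MC_MAGIC_REQ 0x80u
#define MC_HDR_LEN   24u

/* Fields of the fixed 24-byte request header (multi-byte fields are big-endian). */
struct mc_req_hdr {
    uint8_t  magic, opcode;
    uint16_t keylen;
    uint8_t  extlen, datatype;
    uint16_t vbucket;
    uint32_t bodylen;   /* extras + key + value, as claimed by the client */
    uint32_t opaque;
    uint64_t cas;
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Parse the header; returns 0 on success, -1 if the buffer is short or the magic is wrong. */
int mc_parse_hdr(const uint8_t *buf, size_t len, struct mc_req_hdr *h) {
    if (len < MC_HDR_LEN || buf[0] != MC_MAGIC_REQ) return -1;
    h->magic = buf[0];           h->opcode = buf[1];
    h->keylen = rd16(buf + 2);   h->extlen = buf[4];
    h->datatype = buf[5];        h->vbucket = rd16(buf + 6);
    h->bodylen = rd32(buf + 8);  h->opaque = rd32(buf + 12);
    h->cas = 0;
    for (int i = 0; i < 8; i++) h->cas = (h->cas << 8) | buf[16 + i];
    return 0;
}

/* The unchecked pattern: an unsigned 32-bit bodylen minus the key and extras
 * lengths, stored in a signed int. When bodylen is smaller than keylen + extlen
 * the result is negative; when it is near INT_MAX a later small addition
 * overflows. A length like that, used once to size an allocation and again
 * as a network read length, is how a handler writes past a heap buffer. */
int mc_value_len_unchecked(const struct mc_req_hdr *h) {
    return (int)(h->bodylen - (h->keylen + h->extlen));
}

/* Hardened form: compare in unsigned arithmetic before subtracting, and cap
 * the value at what the caller can hold (max_value is a parameter here).
 * Returns the value length (>= 0) or -1 if the request must be refused. */
long mc_value_len_checked(const struct mc_req_hdr *h, uint32_t max_value) {
    uint32_t fixed = (uint32_t)h->keylen + h->extlen;  /* at most 65535 + 255 */
    if (h->bodylen < fixed) return -1;                   /* body cannot hold key + extras */
    uint32_t vlen = h->bodylen - fixed;
    if (vlen > max_value) return -1;                     /* larger than we will allocate */
    return (long)vlen;
}

/* Parse and validate in one step, as a request dispatcher would. */
long mc_check_request(const uint8_t *buf, size_t len, uint32_t max_value) {
    struct mc_req_hdr h;
    if (mc_parse_hdr(buf, len, &h) != 0) return -1;
    return mc_value_len_checked(&h, max_value);
}

/* Constructed headers (body bytes would follow on the wire). */
/* SET "key" with 8 bytes of extras and a 5-byte value: bodylen 16 = 8 + 3 + 5. */
const uint8_t PKT_SET_OK[24] = {
    0x80, 0x01, 0x00, 0x03, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10,
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
/* SET claiming bodylen 9, two bytes short of the key + extras it also claims. */
const uint8_t PKT_SET_SHORT[24] = {
    0x80, 0x01, 0x00, 0x03, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x09,
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
/* SASL_AUTH (opcode 0x21) with a 5-byte mechanism name but bodylen 3. */
const uint8_t PKT_SASL_SHORT[24] = {
    0x80, 0x21, 0x00, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03,
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
/* SET with no key or extras and bodylen 0x7FFFFFFF: unchecked vlen is INT_MAX. */
const uint8_t PKT_SET_HUGE[24] = {
    0x80, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x7f, 0xff, 0xff, 0xff,
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };

int main(void) {
    const uint8_t *pkts[] = { PKT_SET_OK, PKT_SET_SHORT, PKT_SASL_SHORT, PKT_SET_HUGE };
    for (size_t i = 0; i < 4; i++) {
        struct mc_req_hdr h;
        if (mc_parse_hdr(pkts[i], MC_HDR_LEN, &h) != 0) continue;
        printf("opcode 0x%02x bodylen %u: unchecked vlen %d, checked vlen %ld\n",
               h.opcode, h.bodylen, mc_value_len_unchecked(&h),
               mc_value_len_checked(&h, 1024u * 1024u));
    }
    return 0;
}
```

The two short packets are the shape of request the advisories are about: a header whose body length is smaller than the key and extras lengths it also carries. Both produce -2 from the unchecked subtraction and are refused by the checked version; the oversized packet is refused by the cap rather than by the sign test, which is why both checks are needed.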

The original advisories are available at:

http://www.talosintelligence.com/reports/TALOS-2016-0219/
http://www.talosintelligence.com/reports/TALOS-2016-0220/
http://www.talosintelligence.com/reports/TALOS-2016-0221/

Aleksandar Nikolic of Cisco Talos reported these vulnerabilities.

Impact:   A remote user can execute arbitrary code on the target system.
Solution: The vendor has issued a source code fix, available at:

https://github.com/memcached/memcached/commit/bd578fc34b96abe0f8d99c1409814a09f51ee71c

Operators can confirm which build a server is running by sending the ASCII protocol's version command to the service port. Until patched builds are deployed, memcached should not be reachable from untrusted networks, since the affected handlers are reached by any client that can connect.

Vendor URL: memcached.org/
Cause:   Boundary error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Nov 23 2016 (Red Hat Issues Fix) memcached Buffer Overflows in process_bin Functions Let Remote Users Execute Arbitrary Code
Red Hat has issued a fix for Red Hat Enterprise Linux 7.
Nov 23 2016 (Red Hat Issues Fix) memcached Buffer Overflows in process_bin Functions Let Remote Users Execute Arbitrary Code
Red Hat has issued a fix for Red Hat Enterprise Linux 6.
Nov 23 2016 (Oracle Issues Fix for Oracle Linux) memcached Buffer Overflows in process_bin Functions Let Remote Users Execute Arbitrary Code
Oracle has issued a fix for Oracle Linux 6 and 7.
 Source Message Contents
[Original Message Not Available for Viewing]
Copyright 2019, SecurityGlobal.net LLC