CVE-2016-8705
Description
Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
16.221
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| high-performance memory object caching system (USN-3120-1) memcached_1.4.13-0ubuntu2.2_i386.deb | Linux |
| high-performance memory object caching system (USN-3120-1) memcached_1.4.13-0ubuntu2.2_amd64.deb | Linux |
| high-performance memory object caching system (USN-3120-1) memcached_1.4.14-0ubuntu9.1_i386.deb | Linux |
| high-performance memory object caching system (USN-3120-1) memcached_1.4.14-0ubuntu9.1_amd64.deb | Linux |
| high-performance memory object caching system (USN-3120-1) memcached_1.4.25-2ubuntu1.2_i386.deb | Linux |
| high-performance memory object caching system (USN-3120-1) memcached_1.4.25-2ubuntu1.2_amd64.deb | Linux |
| Memcached 1.4.25-2ubuntu2.1 for Ubuntu 16.10 (x64) memcached_1.4.25-2ubuntu2.1_amd64.deb | Linux |
| Memcached 1.4.25-2ubuntu2.1 for Ubuntu 16.10 memcached_1.4.25-2ubuntu2.1_i386.deb | Linux |
| memcached security update(DSA-3704-1) memcached_1.4.21-1.1+deb8u1_amd64.deb | Linux |
| memcached security update(DSA-3704-1) memcached_1.4.21-1.1+deb8u1_kfreebsd-i386.deb | Linux |
| memcached security update(DSA-3704-1) memcached_1.4.21-1.1+deb8u1_kfreebsd-amd64.deb | Linux |
| (RHSA-2016:2820) Important: memcached security update memcached-1.4.4-3.el6_8.1.i686.rpm | Linux |
| (RHSA-2016:2820) Important: memcached security update memcached-1.4.4-3.el6_8.1.x86_64.rpm | Linux |
| (RHSA-2016:2820) Important: memcached security update memcached-devel-1.4.4-3.el6_8.1.i686.rpm | Linux |
| (RHSA-2016:2820) Important: memcached security update memcached-devel-1.4.4-3.el6_8.1.x86_64.rpm | Linux |
| Memcached update (ELSA-2016-2819) memcached-1.4.15-10.el7_3.1.x86_64.rpm | Linux |
| Memcached-devel update (ELSA-2016-2819) memcached-devel-1.4.15-10.el7_3.1.x86_64.rpm | Linux |
| Memcached-devel update (ELSA-2016-2819) memcached-devel-1.4.15-10.el7_3.1.i686.rpm | Linux |
| (CESA-2016:2819) Important: memcached security update memcached-1.4.15-10.el7_3.1.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234