| |||||||||||||
| Test ID: | 1.3.6.1.4.1.25623.1.0.64630 |
| Category: | Debian Local Security Checks |
| Title: | Debian Security Advisory DSA 1853-1 (memcached) |
| Summary: | Debian Security Advisory DSA 1853-1 (memcached) |
| Description: | The remote host is missing an update to memcached announced via advisory DSA 1853-1. Ronald Volgers discovered that memcached, a high-performance memory object caching system, is vulnerable to several heap-based buffer overflows due to integer conversions when parsing certain length attributes. An attacker can use this to execute arbitrary code on the system running memcached (on etch with root privileges). For the oldstable distribution (etch), this problem has been fixed in version 1.1.12-1+etch1. For the stable distribution (lenny), this problem has been fixed in version 1.2.2-1+lenny1. For the testing (squeeze) and unstable (sid) distribution , this problem will be fixed soon. We recommend that you upgrade your memcached packages. Solution: http://www.securityspace.com/smysecure/catid.html?in=DSA%201853-1 |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-2415 Debian Security Information: DSA-1853 (Google Search) http://www.debian.org/security/2009/dsa-1853 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00836.html BugTraq ID: 35989 http://www.securityfocus.com/bid/35989 http://osvdb.org/56906 http://secunia.com/advisories/36133 http://secunia.com/advisories/37729 |
| Copyright | Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com |
| This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |
|
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois
© 1998-2013 E-Soft Inc. All rights reserved.