Test ID:	1.3.6.1.4.1.25623.1.0.901103
Category:	Denial of Service
Title:	Memcached < 1.4.3 DoS Vulnerability
Summary:	Memcached is prone to a denial of service (DoS) vulnerability.
Description:	Summary: Memcached is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The flaw is due to error in try_read_command() function that allows attacker to temporarily hang or potentially crash the server by sending an overly large number of bytes. Vulnerability Impact: Successful exploitation will allow an attacker to cause a DoS. Affected Software/OS: Memcached 1.4.2 and prior. Solution: Update to version 1.4.3 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1152 1023839 http://securitytracker.com/id?1023839 39306 http://secunia.com/advisories/39306 ADV-2011-0442 http://www.vupen.com/english/advisories/2011/0442 SUSE-SR:2010:012 http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html SUSE-SR:2010:013 http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html [oss-security] 20100408 CVE request -- memcached http://marc.info/?l=oss-security&m=127074597129559&w=2 [oss-security] 20100408 Re: CVE request -- memcached http://marc.info/?l=oss-security&m=127075341110616&w=2 http://marc.info/?l=oss-security&m=127075808518733&w=2 http://blogs.sun.com/security/entry/input_validation_vulnerability_in_memcached http://code.google.com/p/memcached/issues/detail?id=102 http://github.com/memcached/memcached/commit/75cc83685e103bc8ba380a57468c8f04413033f9 http://github.com/memcached/memcached/commit/d9cd01ede97f4145af9781d448c62a3318952719
Copyright	Copyright (C) 2010 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.