thr3ads.net - Secure testing team - [Secure-testing-team] Bug#579913: CVE-2010-1152: denial of service (daemon hang or crash) [May 2010]

If this information is useful, please help other people find it:
Share via:

Giuseppe Iuculano

2010-May-02 09:31 UTC

[Secure-testing-team] Bug#579913: CVE-2010-1152: denial of service (daemon hang or crash)

Package: memcached
Severity: grave
Tags: security patch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for memcached.

CVE-2010-1152[0]:
| memcached.c in memcached before 1.4.3 allows remote attackers to cause
| a denial of service (daemon hang or crash) via a long line that
| triggers excessive memory allocation.  NOTE: some of these details are
| obtained from third party information.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1152
    http://security-tracker.debian.org/tracker/CVE-2010-1152

   
http://github.com/memcached/memcached/commit/75cc83685e103bc8ba380a57468c8f04413033f9
   
http://github.com/memcached/memcached/commit/d9cd01ede97f4145af9781d448c62a3318952719

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkvdRm4ACgkQNxpp46476apZygCeNVAwaPbcT+URQmPbber2zgGG
i/sAnR7fPheTXOk3NbIvwTdqQ2FWB7s2
=QfvN
-----END PGP SIGNATURE-----

Secure testing team - May 2010 - Bug#579913: CVE-2010-1152: denial of service (daemon hang or crash)

[Secure-testing-team] Bug#579913: CVE-2010-1152: denial of service (daemon hang or crash)