CVE-2013-7291

EUVD-2013-7068
memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a request that triggers an "unbounded key print" during logging, related to an issue that was "quickly grepped out of the source tree," a different vulnerability than CVE-2013-0179 and CVE-2013-7290.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
1.8 UNKNOWN
ADJACENT_NETWORK
HIGH
AV:A/AC:H/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
Affected Products (NVD)
VendorProductVersion
memcachedmemcached
𝑥
≤ 1.4.16
memcachedmemcached
1.4.0
memcachedmemcached
1.4.1
memcachedmemcached
1.4.2
memcachedmemcached
1.4.3
memcachedmemcached
1.4.4
memcachedmemcached
1.4.5
memcachedmemcached
1.4.6
memcachedmemcached
1.4.7
memcachedmemcached
1.4.8
memcachedmemcached
1.4.9
memcachedmemcached
1.4.10
memcachedmemcached
1.4.11
memcachedmemcached
1.4.12
memcachedmemcached
1.4.13
memcachedmemcached
1.4.14
memcachedmemcached
1.4.15
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
memcached
bookworm
1.6.18-1
fixed
bullseye
1.6.9+dfsg-1
fixed
sid
1.6.32-2
fixed
squeeze
no-dsa
trixie
1.6.32-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
memcached
lucid
ignored
precise
not-affected
quantal
not-affected
raring
not-affected
saucy
not-affected
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/64989
https://code.google.com/p/memcached/issues/detail?id=306
https://code.google.com/p/memcached/wiki/ReleaseNotes1417
http://www.securityfocus.com/bid/64989
https://code.google.com/p/memcached/issues/detail?id=306
https://code.google.com/p/memcached/wiki/ReleaseNotes1417