CVE-2010-1152
Published: 12 April 2010
memcached.c in memcached before 1.4.3 allows remote attackers to cause a denial of service (daemon hang or crash) via a long line that triggers excessive memory allocation. NOTE: some of these details are obtained from third party information.
Notes
| Author | Note |
|---|---|
| jdstrand | 1.4.2-1ubuntu1 in Lucid only has a partial fix (the first patch) |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
memcached Launchpad, Ubuntu, Debian |
dapper |
Ignored
(reached end-of-life)
|
| hardy |
Ignored
(reached end-of-life)
|
|
| intrepid |
Needed
(reached end-of-life)
|
|
| jaunty |
Ignored
(reached end-of-life)
|
|
| karmic |
Ignored
(reached end-of-life)
|
|
| lucid |
Released
(1.4.2-1ubuntu2)
|
|
| maverick |
Not vulnerable
(1.4.5-1ubuntu1)
|
|
| natty |
Not vulnerable
(1.4.5-1ubuntu1)
|
|
| oneiric |
Not vulnerable
(1.4.5-1ubuntu1)
|
|
| upstream |
Released
(1.4.5-1)
|
|
|
Patches: upstream: http://github.com/memcached/memcached/commit/75cc83685e103bc8ba380a57468c8f04413033f9 upstream: http://github.com/memcached/memcached/commit/d9cd01ede97f4145af9781d448c62a3318952719 |
||