CVE-2013-7239

Published: 01 January 2014

memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials.

Priority

Medium

Status

Package Release Status
memcached
Launchpad, Ubuntu, Debian
Upstream
Released (1.4.17,1.4.13-0.3)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (1.4.14-0ubuntu9)
Patches:
Upstream: https://github.com/memcached/memcached/commit/87c1cf0f20be20608d3becf854e9cf0910f4ad32