
DOE-CIRC TECHNICAL BULLETIN

T-211: Memcached Multiple Heap Based Buffer Overflow Vulnerability

[CVE-2009-2415]

August 17, 2009 13:00 GMT

PROBLEM: Memcached is prone to multiple heap-based buffer-overflow vulnerabilities.
PLATFORM: S.u.S.E. SLE 11, S.u.S.E. openSUSE 11.1, S.u.S.E. openSUSE 11.0, S.u.S.E. openSUSE 10.3, MandrakeSoft Linux Mandrake 2009.1 x86_64, MandrakeSoft Linux Mandrake 2009.1, MandrakeSoft Linux Mandrake 2009.0 x86_64, MandrakeSoft Linux Mandrake 2009.0, MandrakeSoft Enterprise Server 5 x86_64, MandrakeSoft Enterprise Server 5, MandrakeSoft Corporate Server 4.0 x86_64, MandrakeSoft Corporate Server 4.0, Danga Interactive memcached 1.2.8, Danga Interactive memcached 1.2.7
ABSTRACT: The application fails to perform adequate boundary checks on user-supplied length values, allowing heap-based buffer overflows.

LINKS:
  DOE-CIRC BULLETIN: http://www.doecirc.energy.gov/bulletins/t-211.shtml
  OTHER LINKS:
    Security Focus:  http://www.securityfocus.com/bid/35989/info
    Secunia Website: http://secunia.com/advisories/36133
    Debian Website:  http://www.debian.org/security/2009/dsa-1853

  CVE: CVE-2009-2415

IMPACT ASSESSMENT: This risk is high. Attackers can exploit these issues to execute arbitrary code with the privileges of the memcached process: superuser privileges if the daemon was started as root, or those of the unprivileged account selected with the -u option, which distribution packages normally use. Memcached performs no authentication, so any host that can reach the listening port (TCP 11211 by default) can trigger the flaw.

[***** Start CVE-2009-2415 *****]
Discussion:
Memcached, a high-performance memory object caching system, is vulnerable to several heap-based buffer overflows due to integer conversions when parsing certain length attributes. A length value supplied by the client is converted to a signed integer without an adequate range check, and the resulting value is later used to size a heap buffer and the data copied into it.

Attackers can exploit these issues to execute arbitrary code with superuser privileges, or with whatever privileges the memcached process holds if it was started with -u. Successful exploitation compromises the affected application and the data it caches. Failed exploit attempts will result in a denial-of-service condition. No special tooling is required: the memcached text protocol is unauthenticated, so the malformed commands can be sent with any generic network utility that can open a TCP connection to the service.
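The following is an added example, not memcached's source and not part of the original bulletin: a simplified C model of the bug class described above. A decimal length token is converted with strtol() into a signed int, 2 is added for the trailing CR/LF, and the result flows into a copy routine that takes a size_t. The naive path shows how a negative token survives conversion and becomes an enormous unsigned length; the hardened path shows the checks (clean parse, range check before narrowing, rejection of negative values before the +2) that close the hole. The command layout, function names and the 1 MiB limit are assumptions made for this illustration.

```c
/* Added example: simplified model of a length-attribute signedness bug.
 * NOT memcached's code; names, limits and wire format are assumptions. */
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum parse_result { PARSE_OK = 0, PARSE_BAD_LENGTH = 1 };

/* Assumed upper bound on a value length for this example (1 MiB). */
#define MAX_ITEM_BYTES (1024 * 1024)

/* Naive conversion, the unfixed pattern: strtol's result is narrowed to
 * int with no sign or range check, then 2 is added for the trailing
 * "\r\n". A negative token such as "-5" yields -3; "-1" yields 1. */
static int naive_parse_length(const char *tok) {
    int vlen = (int)strtol(tok, NULL, 10);
    vlen += 2;
    return vlen;
}

/* Downstream, the length reaches a read/copy routine that takes size_t.
 * A negative int converts to a huge size_t, so a check written as
 * "n <= capacity" is all that stands between the input and a heap
 * overflow. This simulates the conversion without performing the copy. */
static bool copy_would_overflow(int nbytes, size_t capacity) {
    size_t n = (size_t)nbytes;   /* the implicit conversion in real code */
    return n > capacity;
}

/* Hardened conversion: strict strtol (endptr and errno checked), range
 * check on the long before narrowing, negative values rejected before
 * the +2 is applied. Mirrors the shape of a safe_strtol()-style helper. */
static enum parse_result safe_parse_length(const char *tok, int *out) {
    char *end = NULL;
    errno = 0;
    long v = strtol(tok, &end, 10);
    if (end == tok || *end != '\0' || errno == ERANGE)
        return PARSE_BAD_LENGTH;      /* not a clean decimal number */
    if (v < 0 || v > MAX_ITEM_BYTES)
        return PARSE_BAD_LENGTH;      /* negative or larger than allowed */
    *out = (int)v + 2;                /* bounded and non-negative */
    return PARSE_OK;
}

int main(void) {
    /* Constructed hostile input: a negative length token. */
    const char *hostile = "-2147483648";
    int bad = naive_parse_length(hostile);
    printf("naive:    vlen=%d overflow=%d\n", bad,
           (int)copy_would_overflow(bad, 4096));
    int good = 0;
    printf("hardened: %s\n",
           safe_parse_length(hostile, &good) == PARSE_OK ? "accepted"
                                                          : "rejected");
    return 0;
}
```

Note that the hardened check rejects "-1" and "-2" as well: the naive path turns those into lengths of 1 and 0, which pass a simple non-negativity check applied after the +2, so the sign test must happen on the raw parsed value.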

Vulnerable Platforms:
S.u.S.E. SLE 11
S.u.S.E. openSUSE 11.1
S.u.S.E. openSUSE 11.0
S.u.S.E. openSUSE 10.3
MandrakeSoft Linux Mandrake 2009.1 x86_64
MandrakeSoft Linux Mandrake 2009.1
MandrakeSoft Linux Mandrake 2009.0 x86_64
MandrakeSoft Linux Mandrake 2009.0
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 4.0
Danga Interactive memcached 1.2.8
Danga Interactive memcached 1.2.7 

Solution:
Updates are available to address this issue. Please see the references below for more information. The Mandriva packages for 2009.0, 2009.1 and Enterprise Server 5 update memcached to 1.2.8; Corporate Server 4.0 receives patched 1.1.12 builds. After updating, confirm the installed package revision with rpm -q memcached and restart the daemon so the new binary is running. Until the update is applied, restrict access to the memcached port (TCP 11211 by default) to trusted hosts, for example by binding to a specific interface with the -l option and with host firewall rules; memcached itself provides no authentication.

MandrakeSoft Linux Mandrake 2009.0 x86_64

    * Mandriva memcached-1.2.8-0.1mdv2009.0.x86_64.rpm
      http://www.mandriva.com/en/download/

MandrakeSoft Linux Mandrake 2009.1 x86_64

    * Mandriva memcached-1.2.8-0.1mdv2009.1.x86_64.rpm
      http://www.mandriva.com/en/download/

MandrakeSoft Enterprise Server 5

    * Mandriva memcached-1.2.8-0.1mdvmes5.i586.rpm
      http://www.mandriva.com/en/download/

MandrakeSoft Linux Mandrake 2009.0

    * Mandriva memcached-1.2.8-0.1mdv2009.0.i586.rpm
      http://www.mandriva.com/en/download/

MandrakeSoft Linux Mandrake 2009.1

    * Mandriva memcached-1.2.8-0.1mdv2009.1.i586.rpm
      http://www.mandriva.com/en/download/

MandrakeSoft Enterprise Server 5 x86_64

    * Mandriva memcached-1.2.8-0.1mdvmes5.x86_64.rpm
      http://www.mandriva.com/en/download/

MandrakeSoft Corporate Server 4.0

    * Mandriva memcached-1.1.12-4.1.20060mlcs4.i586.rpm
      http://www.mandriva.com/en/download/

    * Mandriva memcached-1.1.12-4.2.20060mlcs4.i586.rpm
      http://www.mandriva.com/en/download/

MandrakeSoft Corporate Server 4.0 x86_64

    * Mandriva memcached-1.1.12-4.1.20060mlcs4.x86_64.rpm
      http://www.mandriva.com/en/download/

    * Mandriva memcached-1.1.12-4.2.20060mlcs4.x86_64.rpm
      http://www.mandriva.com/en/download/

[***** End CVE-2009-2415 *****]

DOE-CIRC services are available to DOE, DOE Contractors, and the NIH. DOE-CIRC can be contacted at:
    Voice:          866-941-2472
    E-mail:          doecirc@doecirc.energy.gov
    World Wide Web:  http://www.doecirc.energy.gov


UCRL-MI-119788