Memcached
CVE-2018-1000115
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.
AnalysisAI
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Technical ContextAI
This vulnerability is classified as Uncontrolled Resource Consumption (CWE-400), which allows attackers to cause denial of service by exhausting system resources. Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default. Affected products include: Memcached, Canonical Ubuntu Linux, Debian Debian Linux, Redhat Openstack. Version information: version 1.5.5.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Implement rate limiting, set resource quotas, validate input sizes, use timeouts.
An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of
An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multipl
Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple com
PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection. R
The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of ser
Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary pr
In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. Rated hi
In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used inste
Observable timing discrepancy in memcached prior to version 1.6.42 enables remote attackers to enumerate valid SASL auth
In Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many
memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c. Rated hi
memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in d
Same weakness CWE-400 – Uncontrolled Resource Consumption
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today