[3.2] memcached: Multiple issues (CVE-2016-8704, CVE-2016-8705, CVE-2016-8706)
CVE-2016-8704: Server append/prepend remote code execution
An integer overflow in the process_bin_append_prepend function, which
is responsible for processing multiple commands of the Memcached binary
protocol, can be abused to cause a heap overflow and lead to remote code
execution.
Fixed In Version:
memcached 1.4.33
References:
https://marc.info/?l=oss-security&m=147799200720936&w=2
http://www.talosintelligence.com/reports/TALOS-2016-0219/
Patch:
https://github.com/memcached/memcached/commit/bd578fc34b96abe0f8d99c1409814a09f51ee71c
CVE-2016-8705: Server update remote code execution
Multiple integer overflows in the process_bin_update function, which is
responsible for processing multiple commands of the Memcached binary
protocol, can be abused to cause a heap overflow and lead to remote code
execution.
Fixed In Version:
memcached 1.4.33
References:
https://marc.info/?l=oss-security&m=147799200720936&w=2
http://www.talosintelligence.com/reports/TALOS-2016-0220/
Patch:
https://github.com/memcached/memcached/commit/bd578fc34b96abe0f8d99c1409814a09f51ee71c
CVE-2016-8706: SASL authentication remote code execution
An integer overflow in the process_bin_sasl_auth function, which is
responsible for authentication commands of the Memcached binary
protocol, can be abused to cause a heap overflow and lead to remote code
execution.
Fixed In Version:
memcached 1.4.33
References:
https://marc.info/?l=oss-security&m=147799200720936&w=2
http://www.talosintelligence.com/reports/TALOS-2016-0221/
Patch:
https://github.com/memcached/memcached/commit/bd578fc34b96abe0f8d99c1409814a09f51ee71c
(from redmine: issue id 6448, created on 2016-11-09, closed on 2017-09-05)
- Relations:
- parent #6444 (closed)
- Changesets:
- Revision 7df38412 by Sergei Lukin on 2016-12-13T09:26:16Z:
main/memcached: security upgrade to 1.4.33 - fixes: #6448
(CVE-2016-8704, CVE-2016-8705, CVE-2016-8706)
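The bug class named in the three descriptions above, shown from the defensive side as an added example (not code from memcached or from the linked patch): the length fields of a binary protocol request header are checked for consistency before any value length is derived from them. It assumes the standard 24-byte request header and that the value length is the total body length minus the key and extras lengths; bin_lengths, bin_parse_lengths and max_item are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define BIN_HDR_LEN   24    /* fixed request header size in the binary protocol */
#define BIN_MAGIC_REQ 0x80  /* request magic byte */

/* Parsed length fields (illustrative names, not memcached's own). */
struct bin_lengths { uint16_t keylen; uint8_t extlen; uint32_t bodylen, vlen; };

/* Returns 0 and fills *out when the header's lengths are consistent,
 * -1 otherwise. max_item is the caller's item size limit (assumed policy,
 * not a memcached setting). */
int bin_parse_lengths(const uint8_t *hdr, size_t n, uint32_t max_item,
                      struct bin_lengths *out)
{
    if (hdr == NULL || out == NULL || n < BIN_HDR_LEN ||
        hdr[0] != BIN_MAGIC_REQ)
        return -1;

    /* Multi-byte fields are big-endian on the wire. */
    out->keylen  = (uint16_t)((hdr[2] << 8) | hdr[3]);
    out->extlen  = hdr[4];
    out->bodylen = ((uint32_t)hdr[8] << 24) | ((uint32_t)hdr[9] << 16) |
                   ((uint32_t)hdr[10] << 8) | (uint32_t)hdr[11];

    /* Compare before subtracting: bodylen - (keylen + extlen) would wrap
     * to a huge unsigned value (or go negative once stored in an int). */
    uint32_t fixed = (uint32_t)out->keylen + out->extlen;
    if (fixed > out->bodylen)
        return -1;

    out->vlen = out->bodylen - fixed;
    /* Bound the derived length before it is used to size or fill a buffer. */
    return out->vlen > max_item ? -1 : 0;
}

int main(void)
{
    /* Constructed sample header: keylen 3, extlen 8, bodylen 16. */
    uint8_t hdr[BIN_HDR_LEN] = {0x80, 0x01, 0x00, 0x03, 0x08, 0, 0, 0, 0, 0, 0, 0x10};
    struct bin_lengths l = {0};
    int rc = bin_parse_lengths(hdr, sizeof hdr, 1024 * 1024, &l);
    printf("rc=%d vlen=%u\n", rc, (unsigned)l.vlen);
    return 0;
}
```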