← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master

« back to all changes in this revision

Viewing changes to retired/CVE-2013-0179

  • Committer: Steve Beattie
  • Date: 2019-02-19 06:18:27 UTC
  • Revision ID: sbeattie@ubuntu.com-20190219061827-oh57fzcfc1u9dlfk
The ubuntu-cve-tracker project has been converted to git.

Please use 'git clone https://git.launchpad.net/ubuntu-cve-tracker' to
get the converted tree.

Show diffs side-by-side

added added

removed removed

Lines of Context:
retired/CVE-2013-0179
1
 
PublicDateAtUSN: 2013-01-15
2
 
Candidate: CVE-2013-0179
3
 
PublicDate: 2014-01-13
4
 
References:
5
 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0179
6
 
 https://usn.ubuntu.com/usn/usn-2080-1
7
 
Description:
8
 
 The process_bin_delete function in memcached.c in memcached 1.4.4 and other
9
 
 versions before 1.4.17, when running in verbose mode, allows remote
10
 
 attackers to cause a denial of service (segmentation fault) via a request
11
 
 to delete a key, which does not account for the lack of a null terminator
12
 
 in the key and triggers a buffer over-read when printing to stderr.
13
 
Ubuntu-Description:
14
 
Notes:
15
 
 jdstrand> requires '-vv' with is non-default
16
 
 mdeslaur> The second commit in the bug report was split out into two
17
 
 mdeslaur> additional CVEs, CVE-2013-7290 and CVE-2013-7291.
18
 
Bugs:
19
 
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698231
20
 
 https://code.google.com/p/memcached/issues/detail?id=306
21
 
 https://bugzilla.redhat.com/show_bug.cgi?id=895054
22
 
Priority: low
23
 
Discovered-by: Jeremy Sowden
24
 
Assigned-to: mdeslaur
25
 
 
26
 
Patches_memcached:
27
 
 upstream: https://github.com/memcached/memcached/commit/0f605245cf3f37c2efe4e225237ad17256ea2a34
28
 
 upstream: https://github.com/memcached/memcached/commit/fbe823d9a61b5149cd6e3b5e17bd28dd3b8dd760
29
 
upstream_memcached: needs-triage
30
 
hardy_memcached: ignored (reached end-of-life)
31
 
lucid_memcached: ignored (reached end-of-life)
32
 
oneiric_memcached: ignored (reached end-of-life)
33
 
precise_memcached: released (1.4.13-0ubuntu2.1)
34
 
quantal_memcached: released (1.4.14-0ubuntu1.12.10.1)
35
 
raring_memcached: released (1.4.14-0ubuntu1.13.04.1)
36
 
saucy_memcached: released (1.4.14-0ubuntu4.1)
37
 
devel_memcached: released (1.4.14-0ubuntu9)
38