Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2013-7291

memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a request that triggers an "unbounded key print" during logging, related to an issue that was "quickly grepped out of the source tree," a different vulnerability than CVE-2013-0179 and CVE-2013-7290.

Related bugs and status

CVE-2013-7291 (Candidate) is related to these bugs:

Bug #1177398: init-script status method doesn't handle instances correctly

Summary				In	Importance	Status
	1177398	init-script status method doesn't handle instances correctly		memcached (Ubuntu)	Medium	Fix Released
	1177398	init-script status method doesn't handle instances correctly		memcached (Debian)	Unknown	Fix Released

Bug #1462747: Please merge with latest upstream from Debian

Summary				In	Importance	Status
	1462747	Please merge with latest upstream from Debian		memcached (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://code.google.co...
CONFIRM: https://code.google.co...
BID: 64989