CVE-2013-7239

Sažetak

memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials.

Reference

http://seclists.org/oss-sec/2013/q4/572
http://secunia.com/advisories/56183
http://www.debian.org/security/2014/dsa-2832
http://www.securityfocus.com/bid/64559
http://www.ubuntu.com/usn/USN-2080-1
https://code.google.com/p/memcached/wiki/ReleaseNotes1417

CVSS

Base:	4.8
Impact:	4.9
Exploitability:	6.5

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:A/AC:L/Au:N/C:P/I:P/A:N

Zadnje važnije ažuriranje

25-03-2018 - 01:29

Objavljeno

13-01-2014 - 21:55