CVE-2016-8704

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-8704

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-8704.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-8704

Related

Published

2017-01-06T21:59:01Z

Modified

2024-09-18T02:39:37.294613Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

An integer overflow in the processbinappend_prepend function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.

References

Affected packages

Alpine:v3.4 / memcached

Package

Name: memcached
Purl: pkg:apk/alpine/memcached?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.33-r0

Affected versions

1.*

1.4.5-r0

1.4.5-r1

1.4.6-r0

1.4.7-r0

1.4.10-r0

1.4.11-r0

1.4.13-r0

1.4.14-r0

1.4.15-r0

1.4.15-r1

1.4.15-r2

1.4.15-r3

1.4.15-r4

1.4.17-r0

1.4.18-r0

1.4.19-r0

1.4.20-r0

1.4.21-r0

1.4.21-r1

1.4.22-r0

1.4.22-r1

1.4.24-r0

1.4.25-r0

1.4.25-r1

1.4.25-r2

Alpine:v3.5 / memcached

Package

Name: memcached
Purl: pkg:apk/alpine/memcached?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.33-r0

Affected versions

1.*

1.4.5-r0

1.4.5-r1

1.4.6-r0

1.4.7-r0

1.4.10-r0

1.4.11-r0

1.4.13-r0

1.4.14-r0

1.4.15-r0

1.4.15-r1

1.4.15-r2

1.4.15-r3

1.4.15-r4

1.4.17-r0

1.4.18-r0

1.4.19-r0

1.4.20-r0

1.4.21-r0

1.4.21-r1

1.4.22-r0

1.4.22-r1

1.4.24-r0

1.4.25-r0

1.4.25-r1

1.4.25-r2

1.4.31-r0

1.4.32-r0

Debian:11 / memcached

Package

Name: memcached
Purl: pkg:deb/debian/memcached?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.33-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / memcached

Package

Name: memcached
Purl: pkg:deb/debian/memcached?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.33-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / memcached

Package

Name: memcached
Purl: pkg:deb/debian/memcached?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.33-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/memcached/memcached

Affected ranges

Type: GIT
Repo: https://github.com/memcached/memcached
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

c00dbc3927af71afb8c46c7416bd53a92fecfdb2

Affected versions

1.*

1.2.0

1.2.1

1.2.2

1.2.3

1.2.4

1.2.5

1.2.6

1.3.2

1.3.3

1.4-rc1

1.4.0

1.4.0-rc1

1.4.1

1.4.1-rc1

1.4.10

1.4.11

1.4.11-beta1

1.4.11-rc1

1.4.12

1.4.13

1.4.14

1.4.15

1.4.16

1.4.17

1.4.18

1.4.19

1.4.2

1.4.2-rc1

1.4.20

1.4.21

1.4.22

1.4.23

1.4.24

1.4.25

1.4.26

1.4.27

1.4.28

1.4.29

1.4.3

1.4.3-rc1

1.4.3-rc2

1.4.30

1.4.31

1.4.4

1.4.5

1.4.6

1.4.6-rc1

1.4.7

1.4.7-rc1

1.4.8

1.4.8-rc1

1.4.9