CVE-2013-7291

NONE EPSS 56.2%
Published Jan 13, 201412y ago · Modified Jun 17, 20262w ago
Find Similar
Published Jan 13, 2014 12y ago
Last Modified Jun 17, 2026 2w ago

Description

memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a request that triggers an "unbounded key print" during logging, related to an issue that was "quickly grepped out of the source tree," a different vulnerability than CVE-2013-0179 and CVE-2013-7290.

Threat Intelligence

EPSS Exploit Probability
56.2% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety

Affected Products 17

VendorProductVersionRange
memcachedmemcached* ≤1.4.16
memcachedmemcached1.4.0any
memcachedmemcached1.4.1any
memcachedmemcached1.4.2any
memcachedmemcached1.4.3any
memcachedmemcached1.4.4any
memcachedmemcached1.4.5any
memcachedmemcached1.4.6any
memcachedmemcached1.4.7any
memcachedmemcached1.4.8any
memcachedmemcached1.4.9any
memcachedmemcached1.4.10any
memcachedmemcached1.4.11any
memcachedmemcached1.4.12any
memcachedmemcached1.4.13any
memcachedmemcached1.4.14any
memcachedmemcached1.4.15any

References 3

Remediation

  • code.google.com https://code.google.com/p/memcached/issues/detail?id=306
    ExploitPatch
  • code.google.com https://code.google.com/p/memcached/wiki/ReleaseNotes1417
    Patch