NVD

Id
42020  
Name
CVE-2013-7290  
Description
The do_item_get function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr, a different vulnerability than CVE-2013-0179.  
Reject
 
CVSS Version
2  
CVSS Score
1.8  
Severity
Low  
CVSS Base Score
1.8  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
3.2  
CVSS Vector
(AV:A/AC:H/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-18  
Published
2014-01-13  
Modified Date
2014-01-14  
Seq
2013-7290  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
212160 42020 CVE-2013-7290 https://code.google.com/p/memcached/issues/detail?id=306  View
212161 42020 CVE-2013-7290 https://code.google.com/p/memcached/wiki/ReleaseNotes1417  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
24266 JVNDB-2013-005841 Memcached の items.c の do_item_get 関数におけるサービス運用妨害 (DoS) の脆弱性 Memcached の items.c の do_item_get 関数には、verbose モードで実行している場合、サービス運用妨害 (セグメンテーション違反) 状態にされる脆弱性が存在します。 CVE-2013-7290 67232 CVE-2013-7290 42020 1.8 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-005841.html 2013-12-20 2014-04-07 View