The process_bin_delete function in memcached.c in...
Low severity
Unreviewed
Published
May 5, 2022
to the GitHub Advisory Database
•
Updated Feb 1, 2023
Description
Published by the National Vulnerability Database
Jan 13, 2014
Published to the GitHub Advisory Database
May 5, 2022
Last updated
Feb 1, 2023
The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr.
References