The process_stat function in (1) Memcached before 1.2.8 and (2) MemcacheDB 1.2.0 discloses (a) the contents of /proc/self/maps in response to a stats maps command and (b) memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain sensitive information such as the locations of memory regions, and defeat ASLR protection, by sending a command to the daemon's TCP port.
Software | From | Fixed in |
---|---|---|
memcachedb / memcached | 1.0.0-beta | 1.0.0-beta.x |
memcachedb / memcached | - | 1.2.0.x |
memcachedb / memcached | 1.2.1-beta | 1.2.1-beta.x |
memcachedb / memcached | 1.0.4 | 1.0.4.x |
memcachedb / memcached | 1.0.3 | 1.0.3.x |
memcachedb / memcached | 0.0.3 | 0.0.3.x |
memcachedb / memcached | 1.1.0-beta | 1.1.0-beta.x |
memcachedb / memcached | 0.1.1 | 0.1.1.x |
memcachedb / memcached | 1.0.1-beta | 1.0.1-beta.x |
memcachedb / memcached | 0.1.0 | 0.1.0.x |
memcachedb / memcached | 1.2.0-beta | 1.2.0-beta.x |
memcachedb / memcached | 0.0.2 | 0.0.2.x |
memcachedb / memcached | 1.0.2-beta | 1.0.2-beta.x |
memcachedb / memcached | 0.0.4 | 0.0.4.x |
memcachedb / memcached | 0.0.1 | 0.0.1.x |