Debian Memcached vulnerabilities

CVE-2009-2415 [CRITICAL] CVE-2009-2415: memcached - Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers ... Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows. Scope: local bookworm: resolved (fixed in 1.4.1-1) bullseye: resolved (fixed in 1.4.1-1) forky: resolved (fixed in 1.4.1-1) sid: resolved (fixed in 1.4.1-1) trixie: resolved (f

CVE-2009-1494 [MEDIUM] CVE-2009-1494: memcached - The process_stat function in Memcached 1.2.8 discloses memory-allocation statist... The process_stat function in Memcached 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain potentially sensitive information by sending this command to the daemon's TCP port. Scope: local bookworm: resolved (fixed in 1.2.8-1) bullseye: resolved (fixed in 1.2.8-1) forky: resolved (fixed in 1.2.

CVE-2009-1255 [MEDIUM] CVE-2009-1255: memcached - The process_stat function in (1) Memcached before 1.2.8 and (2) MemcacheDB 1.2.0... The process_stat function in (1) Memcached before 1.2.8 and (2) MemcacheDB 1.2.0 discloses (a) the contents of /proc/self/maps in response to a stats maps command and (b) memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain sensitive information such as the locations of memory regions, and defeat ASLR protecti