Memcachedb Memcached vulnerabilities

CVE-2010-1152 [MEDIUM] CWE-20 CVE-2010-1152: memcached.c in memcached before 1.4.3 allows remote attackers to cause a denial of service (daemon h memcached.c in memcached before 1.4.3 allows remote attackers to cause a denial of service (daemon hang or crash) via a long line that triggers excessive memory allocation. NOTE: some of these details are obtained from third party information.

CVE-2009-2415 [CRITICAL] CWE-189 CVE-2009-2415: Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows.

CVE-2009-1255 [MEDIUM] CWE-200 CVE-2009-1255: The process_stat function in (1) Memcached before 1.2.8 and (2) MemcacheDB 1.2.0 discloses (a) the c The process_stat function in (1) Memcached before 1.2.8 and (2) MemcacheDB 1.2.0 discloses (a) the contents of /proc/self/maps in response to a stats maps command and (b) memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain sensitive information such as the locations of memory regions, and defeat

CVE-2009-1494 [MEDIUM] CWE-200 CVE-2009-1494: The process_stat function in Memcached 1.2.8 discloses memory-allocation statistics in response to a The process_stat function in Memcached 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain potentially sensitive information by sending this command to the daemon's TCP port.