APP: Memcached process_bin_sasl_auth Integer Underflow

This signature detects attempts to exploit a known vulnerability in memcached. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted packet to memcached. This can lead to a buffer overflow and possible code execution in the context of the user.

Extended Description

An integer overflow in the process_bin_sasl_auth function in Memcached, which is responsible for the authentication commands of the Memcached binary protocol, can be abused to cause a heap overflow and lead to remote code execution.

Affected Products

Memcached memcached

References

CVE: CVE-2016-8706

Short Name
APP:MISC:MEMCACHED-IU
Severity
Major
Recommended
True
Recommended Action
Drop
Category
APP
Keywords
CVE-2016-8706 Integer Memcached Underflow process_bin_sasl_auth
Release Date
12/12/2016
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3337
Port
tcp/11211
False Positive
Unknown
Vendors

Memcached

CVSS Score

6.8
