Bug 858677 (CVE-2013-7290) - VUL-1: CVE-2013-7290: memcached: remote DoS (segmentation fault) via a request to delete a key
Summary: VUL-1: CVE-2013-7290: memcached: remote DoS (segmentation fault) via a reques...
Status: RESOLVED INVALID
Alias: CVE-2013-7290
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-01-14 11:52 UTC by Sebastian Krahmer
Modified: 2018-03-26 14:43 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sebastian Krahmer 2014-01-14 11:52:31 UTC 
rh#1052863



References:
https://bugzilla.redhat.com/show_bug.cgi?id=1052863
Comment 1 Sebastian Krahmer 2014-01-14 11:53:26 UTC 
CVE-2013-7290
Comment 2 Swamp Workflow Management 2014-01-15 23:00:09 UTC 
bugbot adjusting priority
Comment 4 Sebastian Krahmer 2014-01-29 10:00:38 UTC 
low severity -> VUL-1
Comment 5 Bernhard Wiedemann 2014-06-25 14:00:47 UTC 
This is an autogenerated message for OBS integration:
This bug (858677) was mentioned in
https://build.opensuse.org/request/show/238633 13.1+12.3 / memcached
Comment 6 Swamp Workflow Management 2014-07-03 14:05:23 UTC 
openSUSE-SU-2014:0867-1: An update that fixes 5 vulnerabilities is now available.

Category: security (moderate)
Bug References: 798458,817781,857188,858676,858677
CVE References: CVE-2011-4971,CVE-2013-0179,CVE-2013-7239,CVE-2013-7290,CVE-2013-7291
Sources used:
openSUSE 13.1 (src):    memcached-1.4.20-6.4.1
openSUSE 12.3 (src):    memcached-1.4.20-3.4.1
Comment 7 Marcus Rückert 2014-07-07 15:14:31 UTC 
those are the only bugs that still need some fixing on sle 11.
Comment 8 Swamp Workflow Management 2014-07-30 18:48:52 UTC 
openSUSE-SU-2014:0951-1: An update that fixes 5 vulnerabilities is now available.

Category: security (moderate)
Bug References: 798458,817781,857188,858676,858677
CVE References: CVE-2011-4971,CVE-2013-0179,CVE-2013-7239,CVE-2013-7290,CVE-2013-7291
Sources used:
openSUSE 11.4 (src):    memcached-1.4.20-7.1
Comment 9 Johannes Segitz 2015-03-11 14:14:27 UTC 
this is not something that would happen on a production system (need to run as -vv). DOS on a dev system is not something we are concerned about.
Comment 10 Swamp Workflow Management 2018-03-22 16:29:25 UTC 
SUSE-SU-2018:0778-1: An update that fixes 9 vulnerabilities is now available.

Category: security (important)
Bug References: 1007869,1007870,1007871,1056865,798458,817781,857188,858676,858677
CVE References: CVE-2011-4971,CVE-2013-0179,CVE-2013-7239,CVE-2013-7290,CVE-2013-7291,CVE-2016-8704,CVE-2016-8705,CVE-2016-8706,CVE-2017-9951
Sources used:
SUSE OpenStack Cloud 7 (src):    memcached-1.4.39-3.3.2
SUSE Enterprise Storage 4 (src):    memcached-1.4.39-3.3.2
Comment 11 Swamp Workflow Management 2018-03-26 13:11:10 UTC 
SUSE-SU-2018:0807-1: An update that fixes 9 vulnerabilities is now available.

Category: security (important)
Bug References: 1007869,1007870,1007871,1056865,798458,817781,857188,858676,858677
CVE References: CVE-2011-4971,CVE-2013-0179,CVE-2013-7239,CVE-2013-7290,CVE-2013-7291,CVE-2016-8704,CVE-2016-8705,CVE-2016-8706,CVE-2017-9951
Sources used:
SUSE OpenStack Cloud 6 (src):    memcached-1.4.39-3.3.1