{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-07-17T00:00:00", "descriptions": [{"lang": "en", "value": "The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8705."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-06-07T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "USN-3588-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3588-1/"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/memcached/memcached/wiki/ReleaseNotes1439"}, {"name": "99874", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/99874"}, {"name": "DSA-4218", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2018/dsa-4218"}, {"tags": ["x_refsource_MISC"], "url": "https://www.twistlock.com/2017/07/13/cve-2017-9951-heap-overflow-memcached-server-1-4-38-twistlock-vulnerability-report/"}, {"tags": ["x_refsource_MISC"], "url": "https://groups.google.com/forum/message/raw?msg=memcached/ubGWrkmrr4E/nrm1SeVJAQAJ"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-9951", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8705."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "USN-3588-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3588-1/"}, {"name": "https://github.com/memcached/memcached/wiki/ReleaseNotes1439", "refsource": "MISC", "url": "https://github.com/memcached/memcached/wiki/ReleaseNotes1439"}, {"name": "99874", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99874"}, {"name": "DSA-4218", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4218"}, {"name": "https://www.twistlock.com/2017/07/13/cve-2017-9951-heap-overflow-memcached-server-1-4-38-twistlock-vulnerability-report/", "refsource": "MISC", "url": "https://www.twistlock.com/2017/07/13/cve-2017-9951-heap-overflow-memcached-server-1-4-38-twistlock-vulnerability-report/"}, {"name": "https://groups.google.com/forum/message/raw?msg=memcached/ubGWrkmrr4E/nrm1SeVJAQAJ", "refsource": "MISC", "url": "https://groups.google.com/forum/message/raw?msg=memcached/ubGWrkmrr4E/nrm1SeVJAQAJ"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T17:24:59.972Z"}, "title": "CVE Program Container", "references": [{"name": "USN-3588-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3588-1/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/memcached/memcached/wiki/ReleaseNotes1439"}, {"name": "99874", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/99874"}, {"name": "DSA-4218", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2018/dsa-4218"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.twistlock.com/2017/07/13/cve-2017-9951-heap-overflow-memcached-server-1-4-38-twistlock-vulnerability-report/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://groups.google.com/forum/message/raw?msg=memcached/ubGWrkmrr4E/nrm1SeVJAQAJ"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-9951", "datePublished": "2017-07-17T06:00:00", "dateReserved": "2017-06-26T00:00:00", "dateUpdated": "2024-08-05T17:24:59.972Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:memcached:memcached:*:*:*:*:*:*:*:*", "matchCriteriaId": "9BBF21B9-EC29-439E-B875-913CC487A8C5", "versionEndIncluding": "1.4.38", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8705."}, {"lang": "es", "value": "La funci\u00f3n try_read_command en el archivo memcached.c en memcached anterior a versi\u00f3n 1.4.39, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (fallo de segmentaci\u00f3n) por medio de una petici\u00f3n para agregar y configurar una clave, lo que hace una comparaci\u00f3n entre un int firmado y sin firmar y activa una lectura excesiva del b\u00fafer en la regi\u00f3n heap de la memoria. NOTA: esta vulnerabilidad existe debido a una soluci\u00f3n incompleta para el CVE-2016-8705."}], "id": "CVE-2017-9951", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-07-17T13:18:30.970", "references": [{"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/99874"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/memcached/memcached/wiki/ReleaseNotes1439"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://groups.google.com/forum/message/raw?msg=memcached/ubGWrkmrr4E/nrm1SeVJAQAJ"}, {"source": "cve@mitre.org", "url": "https://usn.ubuntu.com/3588-1/"}, {"source": "cve@mitre.org", "url": "https://www.debian.org/security/2018/dsa-4218"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "url": "https://www.twistlock.com/2017/07/13/cve-2017-9951-heap-overflow-memcached-server-1-4-38-twistlock-vulnerability-report/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/99874"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/memcached/memcached/wiki/ReleaseNotes1439"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://groups.google.com/forum/message/raw?msg=memcached/ubGWrkmrr4E/nrm1SeVJAQAJ"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/3588-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.debian.org/security/2018/dsa-4218"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "url": "https://www.twistlock.com/2017/07/13/cve-2017-9951-heap-overflow-memcached-server-1-4-38-twistlock-vulnerability-report/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "memcached: Heap-based buffer over-read in try_read_command function (incomplete fix for CVE-2016-8705)", "id": "1471970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471970"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-119", "details": ["The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8705."], "mitigation": {"lang": "en:us", "value": "This flaw is in the memcached binary protocol. If your client programs only use the ASCII protocol when communicating with memcached, you can disable the binary protocol and protect against this flaw by adding \"-B ascii\" to OPTIONS in /etc/sysconfig/memcached."}, "name": "CVE-2017-9951", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "memcached", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "memcached", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:openstack:7", "fix_state": "Will not fix", "package_name": "memcached", "product_name": "Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)"}, {"cpe": "cpe:/a:redhat:mobile_application_platform:4", "fix_state": "Will not fix", "package_name": "memcached", "product_name": "Red Hat Mobile Application Platform 4"}, {"cpe": "cpe:/a:redhat:openstack:10", "fix_state": "Will not fix", "package_name": "memcached", "product_name": "Red Hat OpenStack Platform 10 (Newton)"}, {"cpe": "cpe:/a:redhat:openstack:11", "fix_state": "Will not fix", "package_name": "memcached", "product_name": "Red Hat OpenStack Platform 11 (Ocata)"}, {"cpe": "cpe:/a:redhat:openstack:12", "fix_state": "Not affected", "package_name": "memcached", "product_name": "Red Hat OpenStack Platform 12 (Pike)"}, {"cpe": "cpe:/a:redhat:openstack:8", "fix_state": "Will not fix", "package_name": "memcached", "product_name": "Red Hat OpenStack Platform 8 (Liberty)"}, {"cpe": "cpe:/a:redhat:openstack:9", "fix_state": "Will not fix", "package_name": "memcached", "product_name": "Red Hat OpenStack Platform 9 (Mitaka)"}], "public_date": "2017-07-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2017-9951\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-9951"], "statement": "Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", "threat_severity": "Low"}