E20-9smr1
CVSS:
7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
False Positive:
f
Variants:
1
Year:
2020
Description
This strike exploits a stack-based buffer overflow vulnerability in Memcached.
This vulnerability is due to a lack of bounds checking in the 'try_read_command_binary' function while processing binary commands.
A remote, unauthenticated attacker could exploit this vulnerability by sending a specially crafted packet to the vulnerable service.
Successful exploitation could result in code execution in the context of the memcached daemon and/or trigger a denial-of-service condition.