Blog
Vulnerabilities and Threats

Memcached Code Execution Vulnerabilities — Intruder Vulnerability Bulletin

David Robinson
Author
David Robinson

Key Points

A number of new vulnerabilities in Memcached were recently discovered, which affect versions of the software before 1.4.33.

If successfully exploited, these weaknesses allow a remote attacker to compromise the affected system by executing arbitrary commands.

Exposing unnecessary services to the Internet always carries the risk that a vulnerability will be discovered and create an entry point for an attacker. That’s why we’ve been advising our customers to lock down unnecessary services like Memcached since we created the Intruder continuous security monitoring service last year.

Intruder recommends restricting access to (eg. firewalling), and patching any affected systems across your estate as a matter of urgency.

Further details of the vulnerabilities can be found at:

http://blog.talosintel.com/2016/10/memcached-vulnerabilities.html

Get our free

Ultimate Guide to Vulnerability Scanning

Learn everything you need to get started with vulnerability scanning and how to get the most out of your chosen product with our free PDF guide.

Sign up for your free 14-day trial

7 days free trial