Updated memcached package fixes multiple security vulnerabilitiesPublication date: 21 Jan 2014
Affected Mageia releases : 3
CVE: CVE-2013-0179 , CVE-2013-7239 , CVE-2013-7290 , CVE-2013-7291
Updated memcached packages fix security vulnerability: It was reported that SASL authentication could be bypassed due to a flaw related to the managment of the SASL authentication state. With a specially crafted request, a remote attacker may be able to authenticate with invalid SASL credentials (CVE-2013-7239). Multiple issues in memcached before 1.4.17 which allow remote attackers to cause a denial of service by sending a request that causes a crash when memcached is running in verbose mode (CVE-2013-0179, CVE-2013-7290, CVE-2013-7291).