Memcached Code Execution Vulnerabilities — Intruder Vulnerability Bulletin
SHARE
back to BLOG

Memcached Code Execution Vulnerabilities — Intruder Vulnerability Bulletin

David Robinson

A number of new vulnerabilities in Memcached were recently discovered, which affect versions of the software before 1.4.33.

If successfully exploited, these weaknesses allow a remote attacker to compromise the affected system by executing arbitrary commands.

Exposing unnecessary services to the Internet always carries the risk that a vulnerability will be discovered and create an entry point for an attacker. That’s why we’ve been advising our customers to lock down unnecessary services like Memcached since we created the Intruder continuous security monitoring service last year.

Intruder recommends restricting access to (eg. firewalling), and patching any affected systems across your estate as a matter of urgency.

Further details of the vulnerabilities can be found at:

http://blog.talosintel.com/2016/10/memcached-vulnerabilities.html

Written by

David Robinson

Recommended articles

Ready to get started with your 30-day trial?

try for free
BACK TO TOP