CVE-2011-4971 Information

Description

Multiple integer signedness errors in the (1) process_bin_sasl_auth (2) process_bin_complete_sasl_auth (3) process_bin_update and (4) process_bin_append_prepend functions in Memcached 1.4.5 and earlier allow remote attackers to cause a denial of service (crash) via a large body length value in a packet.

Reference

http://insecurety.net/?p=872 http://secunia.com/advisories/56183 http://www.debian.org/security/2014/dsa-2832 http://www.mandriva.com/security/advisories?name=MDVSA-2013:280 http://www.securityfocus.com/bid/59567 http://www.ubuntu.com/usn/USN-2080-1 https://code.google.com/p/memcached/issues/detail?id=192 https://puppet.com/security/cve/cve-2011-4971