[Secure-testing-commits] r12505 - data/CVE

Fri Aug 7 16:00:39 UTC 2009

Author: nion
Date: 2009-08-07 16:00:39 +0000 (Fri, 07 Aug 2009)
New Revision: 12505

Modified:
   data/CVE/list
Log:
add new memcached/b issues (CVE-2009-2415)

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2009-08-07 15:37:34 UTC (rev 12504)
+++ data/CVE/list	2009-08-07 16:00:39 UTC (rev 12505)
@@ -803,8 +803,14 @@
 	RESERVED
 CVE-2009-2416
 	RESERVED
-CVE-2009-2415
+CVE-2009-2415 [heap-based buffer overflow in memcached]
 	RESERVED
+	{DSA-1853-1}
+	- memcached <unfixed> (medium; bug #540379)
+	- memcachedb <unfixed> (medium; bug #540381)
+	NOTE: the impact varies, on etch this runs as root and is not bound
+	NOTE: to the loopback interface by default, memcached is even distributed
+	NOTE: but fortunately not in a stable release.
 CVE-2009-2414
 	RESERVED
 CVE-2009-2413


