Hey Webmasters, are you lot using Memcached to boost the functioning of your website?
Beware! It powerfulness hold out vulnerable to remote hackers.
Three critical Remote Code Execution vulnerabilities convey been reported inward Memcached past times safety researcher Aleksandar Nikolich at Cisco Talos Group that expose major websites, including Facebook, Twitter, YouTube, Reddit, to hackers.
Memcached is a fabulous slice of open-source distributed caching organisation that allows objects to hold out stored inward memory. It has been designed to speed upwards dynamic spider web applications past times reducing stress on the database that helps administrators to growth functioning as well as scale spider web applications.
Memcached is widely used past times thousands upon thousands of websites, including pop social networking sites such every bit Facebook, Flickr, Twitter, Reddit, YouTube, Github, as well as many more.
Nikolich says that he discovered multiple integer overflow bugs inward Memcached that could hold out exploited to remotely run arbitrary code on the targeted system, thereby compromising the many websites that expose Memcache servers accessible over the Internet.
The vulnerabilities genuinely reside in "various Memcached functions that are used inward inserting, appending, prepending, or modifying key-value information pairs."
If exploited, the vulnerabilities could let attackers to post repeat specifically-crafted Memcached commands to the targeted servers.
Moreover, the flaws could also hold out exploited to leak sensitive procedure information that tin farther hold out used to bypass measure exploitation mitigations, similar ASLR (Address Space Layout Randomisation), making the attacks reliable as well as considerably "severe."
By default, Memcached service installed on your server is available to the basis on TCP port 11211, therefore it has ever been strongly recommended to throttle its access inside a trusted environment, behind the firewall.
So, if you lot convey non all the same updated your software to the latest unloose as well as Memcached service is publically accessible, an assailant tin precisely exploit these vulnerabilities to remotely pocket sensitive information cached past times the server without your knowledge.
What's fifty-fifty worse? These flaws could let hackers to supersede cached content alongside their malicious i inward gild to deface the website, serve phishing pages as well as malicious links to hijack victim's machine, placing hundreds of millions of online users at risk.
The integer overflow flaws inward Memcached deport on Memcached version 1.4.31 as well as earlier.
The researcher notified Memcached of the flaws as well as the fellowship solely took 2 days to construct a piece on 31st October.
Memcached says the critical remote code execution flaws "are related to the binary protocol every bit good every bit SASL authentication of the binary protocol," but has been fixed inward the latest release.
Customers are advised to apply the piece fifty-fifty to Memcached deployments inward "trusted" environments, every bit attackers alongside existing access could target vulnerable servers to motion laterally inside those networks.
Beware! It powerfulness hold out vulnerable to remote hackers.
Three critical Remote Code Execution vulnerabilities convey been reported inward Memcached past times safety researcher Aleksandar Nikolich at Cisco Talos Group that expose major websites, including Facebook, Twitter, YouTube, Reddit, to hackers.
Memcached is a fabulous slice of open-source distributed caching organisation that allows objects to hold out stored inward memory. It has been designed to speed upwards dynamic spider web applications past times reducing stress on the database that helps administrators to growth functioning as well as scale spider web applications.
Memcached is widely used past times thousands upon thousands of websites, including pop social networking sites such every bit Facebook, Flickr, Twitter, Reddit, YouTube, Github, as well as many more.
Nikolich says that he discovered multiple integer overflow bugs inward Memcached that could hold out exploited to remotely run arbitrary code on the targeted system, thereby compromising the many websites that expose Memcache servers accessible over the Internet.
The vulnerabilities genuinely reside in "various Memcached functions that are used inward inserting, appending, prepending, or modifying key-value information pairs."
- CVE-2016-8704: Memcached Server Append/Prepend Remote Code Execution Vulnerability
- CVE-2016-8705: Memcached Server Update Remote Code Execution Vulnerability
- CVE-2016-8706: Memcached Server SASL Authentication Remote Code Execution Vulnerability
Hackers Can Remotely Steal Sensitive Information
If exploited, the vulnerabilities could let attackers to post repeat specifically-crafted Memcached commands to the targeted servers.
Moreover, the flaws could also hold out exploited to leak sensitive procedure information that tin farther hold out used to bypass measure exploitation mitigations, similar ASLR (Address Space Layout Randomisation), making the attacks reliable as well as considerably "severe."
By default, Memcached service installed on your server is available to the basis on TCP port 11211, therefore it has ever been strongly recommended to throttle its access inside a trusted environment, behind the firewall.
So, if you lot convey non all the same updated your software to the latest unloose as well as Memcached service is publically accessible, an assailant tin precisely exploit these vulnerabilities to remotely pocket sensitive information cached past times the server without your knowledge.
What's fifty-fifty worse? These flaws could let hackers to supersede cached content alongside their malicious i inward gild to deface the website, serve phishing pages as well as malicious links to hijack victim's machine, placing hundreds of millions of online users at risk.
Patch your Memcached Server Now!
The integer overflow flaws inward Memcached deport on Memcached version 1.4.31 as well as earlier.
The researcher notified Memcached of the flaws as well as the fellowship solely took 2 days to construct a piece on 31st October.
Memcached says the critical remote code execution flaws "are related to the binary protocol every bit good every bit SASL authentication of the binary protocol," but has been fixed inward the latest release.
Customers are advised to apply the piece fifty-fifty to Memcached deployments inward "trusted" environments, every bit attackers alongside existing access could target vulnerable servers to motion laterally inside those networks.