CVE-2009-1494

Memcached 1.2.8 - Exposure of Sensitive Information via Stats Malloc Command

Title source: llm
STIX 2.1

Description

The process_stat function in Memcached 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain potentially sensitive information by sending this command to the daemon's TCP port.

Scores

EPSS 0.0149
EPSS Percentile 71.1%

Details

CWE
CWE-200
Status published
Products (1)
memcachedb/memcached 1.2.8
Published Apr 30, 2009
Tracked Since Feb 18, 2026