CVE-2011-4971

memcached < 1.4.5 - Denial of Service via Integer Signedness Error

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-4971. Includes Metasploit module auxiliary/dos/misc/memcached.

AI-analyzed exploit summary This Metasploit module exploits a denial-of-service vulnerability in memcached v1.4.15 or earlier by sending a malformed packet to trigger a segmentation fault. It checks the target's status post-exploitation to confirm the DoS.

Description

Multiple integer signedness errors in the (1) process_bin_sasl_auth, (2) process_bin_complete_sasl_auth, (3) process_bin_update, and (4) process_bin_append_prepend functions in Memcached 1.4.5 and earlier allow remote attackers to cause a denial of service (crash) via a large body length value in a packet.

Exploits (1)

metasploit WORKING POC

rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/misc/memcached.rb

View Code ZIP pw:eip

This Metasploit module exploits a denial-of-service vulnerability in memcached v1.4.15 or earlier by sending a malformed packet to trigger a segmentation fault. It checks the target's status post-exploitation to confirm the DoS.

Classification

Working Poc 100%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: memcached v1.4.15 or earlier

No auth needed

Prerequisites: Network access to the target's memcached port (default 11211)

MITRE ATT&CK