Pathetic patching leaves over 70,000 Memcached servers still up for grabs

7 years ago
July 24, 2017
0 replies
2 views

+54

Jasper_The_Rasper
Moderator
11531 replies

And that’s months after patches released and warning emails sent – sort it out!

By Iain Thomson in San Francisco 24 Jul 2017

If you're running the caching service Memcached, and particularly if you're exposing it to the public internet for some reason, please make sure you've patched it. Tens of thousands of vulnerable systems haven't.

Back in October, researchers at Cisco’s Talos security team found three major security vulnerabilities that would allow hackers easy access to running installations of version 1.4.31 of Memcached and earlier, with a critical flaw in the binary protocol and Simple Authentication and Security Layer (SASL) code. The holes were fixed, and users including big names like Facebook and Reddit were advised to get patching.

Full Article.

Be the first to reply!

And that’s months after patches released and warning emails sent – sort it out!

Reply

Related Topics

Cyber News Rundown Week of June 17th

Hackers take control of 300,000 home routers

Nastiest Malware 2023

Cyber News Rundown: Stolen data published from University of Duisburg-Essen breach

Cyber News Rundown: European law enforcement shut down car hackers

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded