Pathetic patching leaves over 70,000 Memcached servers still up for grabs

And that’s months after patches released and warning emails sent – sort it out!

By Iain Thomson in San Francisco 24 Jul 2017

If you’re running the caching service Memcached, and particularly if you’re exposing it to the public internet for some reason, please make sure you’ve patched it. Tens of thousands of vulnerable systems haven’t.


Back in October, researchers at Cisco’s Talos security team found three major security vulnerabilities that would allow hackers easy access to running installations of version 1.4.31 of Memcached and earlier, with a critical flaw in the binary protocol and Simple Authentication and Security Layer (SASL) code. The holes were fixed, and users including big names like Facebook and Reddit were advised to get patching.


Full Article.

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico