And that’s months after patches released and warning emails sent – sort it out!
If you’re running the caching service Memcached, and particularly if you’re exposing it to the public internet for some reason, please make sure you’ve patched it. Tens of thousands of vulnerable systems haven’t.
Back in October, researchers at Cisco’s Talos security team found three major security vulnerabilities that would allow hackers easy access to running installations of version 1.4.31 of Memcached and earlier, with a critical flaw in the binary protocol and Simple Authentication and Security Layer (SASL) code. The holes were fixed, and users including big names like Facebook and Reddit were advised to get patching.
Powered by WPeMatico