Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2016-8706 PoC — Memcached 数字错误漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/javascript/cves/2016/CVE-2016-8706.yaml
Associated Vulnerability
Title:Memcached 数字错误漏洞 (CVE-2016-8706)
Description:Memcached是美国软件开发者布莱德-菲兹派翠克(Brad Fitzpatrick)所研发的一套高性能的分布式内存对象缓存系统。该系统通过在内存中缓存数据和对象来减少读取数据库的次数,从而提高网站访问速度。 Memcached中的‘process_bin_sasl_auth’函数存在整数溢出漏洞。攻击者可利用该漏洞造成基于堆的缓冲区溢出,并执行远程代码。
Description
An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
File Snapshot

 id: CVE-2016-8706

info:
  name: Memcached Server SASL Authentication - Remote Code Execution
  auth

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.