Memcached is a free and open high-performance distributed system, which was introduced for caching objects in memory. This distributed system is storage of “key-value” type located in the operating memory and designed for small “portions” of arbitrary data. These data include string values, numerical values, and many more. Memcached is fully open development and is assembled and operated under UNIX, Windows, OS X and distributed under an open license.
Memcached is a general-purpose memory caching system. This is used to speed up dynamic-driven websites by caching data in RAM. Memcached is a free and open source software that runs on Unix based operating systems. There are many servers running Memcached. These websites are prone to multiple Buffer Overflow Vulnerabilities. A successful exploitation will let the attacker execute arbitrary code on the affected system via readily available network utilities.
The common Memcache commands as:-
The below code is an example of this vulnerability:-
The above code can be exploited as below.
The following is the data exchanged between the server and the client.
The impact include:-
Beagle recommends the following fixes:-