CVE-2009-1494

EPSS 0.52%

Published: 4/30/2009Modified: 4/28/2026

Also known as:DEBIAN-CVE-2009-1494

Description

The process_stat function in Memcached 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain potentially sensitive information by sending this command to the daemon's TCP port.

Affected packages (1)

Debian/memcachedfrom 0, < 1.2.8-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-1494