Debian has released a security advisory DSA-1853 for memcached: Ronald Volgers discovered that memcached, a high-performance memory object caching system, is vulnerable to several heap-based buffer overflows due to integer conversions when parsing certain length attributes. An attacker can use this to execute arbitrary code on the system running memcached (on etch with root privileges). http://www.debian.org/security/2009/dsa-1853 Attacker needs to have access to memcached's port. Additionally, memcached is run under dedicated non-privileged user on Fedora.
Created attachment 356858 [details] Debian patch for 1.2.2 (from DSA-1853-1) Patch extracted from Debian update for 1.2.2. Upstream fix for 1.2.8 should be this: http://consoleninja.net/code/memcached/memcached-1.2.8_proper_vlen_fix.patch
dormando will create a 1.2.9 that contains 1.2.8+this patch I'll spin out a new 1.2.9 versions.
I'm assuming that 1.4.0 has this fix since 1.2.9 was supposed to have this fix (hard to tell since the ChangeLog file is not up to date). However, Fedora 10 and 11 still have the 1.2.8 version. Where is the 1.2.9 version promised in comment #2?
memcached-1.2.8-2.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.