Reference: http://seclists.org/oss-sec/2016/q4/292 =================================================================== As per Talos page, there seems to be three issues. CVE-2016-8704 - Memcached server append/prepend remote code execution vulnerability An integer overflow in the process_bin_append_prepend function which is responsible for processing multiple commands of Memcached binary protocol can be abused to cause heap overflow and lead to remote code execution. http://www.talosintelligence.com/reports/TALOS-2016-0219/ CVE-2016-8705 - Memcached server update remote code execution vulnerability Multiple integer overflows in process_bin_update function which is responsible for processing multiple commands of Memcached binary protocol can be abused to cause heap overflow and lead to remote code execution. http://www.talosintelligence.com/reports/TALOS-2016-0220/ CVE-2016-8706 - Memcached server SASL authentication remote code execution vulnerability An integer overflow in process_bin_sasl_auth function which is responsible for authentication commands of Memcached binary protocol can be abused to cause heap overflow and lead to remote code execution. http://www.talosintelligence.com/reports/TALOS-2016-0221/ There is also a talos blog post about these issues: http://blog.talosintel.com/2016/10/memcached-vulnerabilities.html Thanks for sharing! ===================================================================