14 matches found
Mageia: Security Advisory (MGASA-2016-0295)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerabilities in redis affect PowerKVM (CVE-2015-4335, CVE-2013-7458)
Summary PowerKVM is affected by vulnerabilities in redis. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2015-4335 DESCRIPTION: Redis could allow a remote attacker to bypass security restrictions, caused by the insecure loading of Lua bytcode by the loadstring...
Pivotal Software Redis < 3.2.3 Local Information Disclosure
The version of Redis installed on the remote host is affected by a local information disclosure and therefore requires a security update. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid109322; scriptversion"1.5";...
Fedora 24 : redis (2017-4b176c1694)
Upstream 3.2.8 ---- Upstream 3.2.7 important security fix ---- Security fix for CVE-2013-7458 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...
FreeBSD : redis -- sensitive information leak through command history file (fa175f30-8c75-11e6-924a-60a44ce6887b)
Redis team reports : The redis-cli history file in linenoise is created with the default OS umask value which makes it world readable in most systems and could potentially expose authentication credentials to other users. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text a...
CVE-2013-7458
linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .redisclihistory, which allows local users to obtain sensitive information by reading the file...
CVE-2013-7458
linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .redisclihistory, which allows local users to obtain sensitive information by reading the file...
CVE-2013-7458
linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .redisclihistory, which allows local users to obtain sensitive information by reading the file...
CVE-2013-7458
Redis before 3.2.3 uses world-readable permissions for the linenoise history file (.rediscli_history), enabling local users to read sensitive information. This CVE-2013-7458 describes a local information disclosure due to file permissions. Connected sources corroborate the affected component (lin...
CVE-2013-7458
linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .redisclihistory, which allows local users to obtain sensitive information by reading the file...
openSUSE Security Update : redis (openSUSE-2016-945)
This update for redis fixes the following issues : - CVE-2013-7458: unsafe permissions of command line history boo991250 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2016-945. The...
OPENSUSE-SU-2016:1981-1 Security update for redis
This update for redis fixes the following issues: - CVE-2013-7458: unsafe permissions of command line history boo991250...
OPENSUSE-SU-2016:1980-1 Security update for redis
This update for redis fixes the following issues: - CVE-2013-7458: unsafe permissions of command line history boo991250...
[SECURITY] [DSA 3634-1] redis security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3634-1 [email protected] https://www.debian.org/security/ Sebastien Delafond July 30, 2016 https://www.debian.org/security/faq -...