13 matches found
CVE-2015-4335
creationtimestamp| type| source ---|---|--- 2026-04-02 01:39:34+00:00| seen| https://gist.github.com/1191448/946f0101cc66a8dc8eec649ea42cf1c9...
RHEL 7 : redis security advisory (Moderate) (RHSA-2015:1676)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2015:1676 advisory. Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sort...
Mageia: Security Advisory (MGASA-2015-0244)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerabilities in redis affect PowerKVM (CVE-2015-4335, CVE-2013-7458)
Summary PowerKVM is affected by vulnerabilities in redis. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2015-4335 DESCRIPTION: Redis could allow a remote attacker to bypass security restrictions, caused by the insecure loading of Lua bytcode by the loadstring...
Pivotal Software Redis < 2.8.21 / 3.x < 3.0.2 RCE
The version of Redis installed on the remote host is affected by a remote code execution vulnerability. An attacker can exploit this issue via the eval command to execute arbitrary Lua bytecote. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
openSUSE Security Update : redis (openSUSE-2015-634)
redis was updated to version 2.8.22 boo934048 to fix a LUA sandbox update. CVE-2015-4335 Details can be found on http://benmmurphy.github.io/blog/2015/06/04/redis-eval-lua-sandbox-esc ape/ For the other changes see in the package: /usr/share/doc/packages/redis/00-RELEASENOTES %NASLMINLEVEL 70300 ...
Fedora 22 : redis-2.8.21-1.fc22 (2015-9498)
Upstream 2.8.21 - Fix Lua sandbox escape and arbitrary code execution RHBZ 1228331 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora Update for redis FEDORA-2015-9488
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for redis FEDORA-2015-9498
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-4335
Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command...
Debian DSA-3279-1 : redis - security update
It was discovered that redis, a persistent key-value database, could execute insecure Lua bytecode by way of the EVAL command. This could allow remote attackers to break out of the Lua sandbox and execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...
[SECURITY] [DSA 3279-1] redis security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3279-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini June 06, 2015 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 3279-1 (redis - security update)
It was discovered that redis, a persistent key-value database, could execute insecure Lua bytecode by way of the EVAL command. This could allow remote attackers to break out of the Lua sandbox and execute arbitrary code. OpenVAS Vulnerability Test $Id: deb3279.nasl 6609 2017-07-07 12:05:59Z...