16 matches found
EUVD-2021-19456
Malware in sbrugna...
Rocky Linux 8 : redis:6 (RLSA-2021:2034)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:2034 advisory. Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6...
ROS-2-873
2.873 Multiple vulnerabilities in Redis (CVE-2021-29477, CVE-2021-29478). 1. Vulnerability Description: A vulnerability exists due to an integer overflow in the STRALGO LCS command. A remote attacker can pass specially crafted data to an application, cause an integer overflow, and execute arbitrary...
CVE-2021-32625
Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the STRALGO LCS command to corrupt the heap and potentially result in remote code execution. This ...
CVE-2021-32625
Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the STRALGO LCS command to corrupt the heap and potentially result in remote code execution. This ...
Integer overflow
Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the STRALGO LCS command to corrupt the heap and potentially result in remote code execution. This ...
CVE-2021-32625
Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the STRALGO LCS command to corrupt the heap and potentially result in remote code execution. This ...
CVE-2021-32625
Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the STRALGO LCS command to corrupt the heap and potentially result in remote code execution. This ...
Oracle Linux 8 : redis:6 (ELSA-2021-2034)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-2034 advisory. 6.0.9-3 - fix integer overflow via STRALGO LCS command CVE-2021-29477 Tenable has extracted the preceding description block directly from the Oracle Linux...
redis:6 security update
6.0.9-3 - fix integer overflow via STRALGO LCS command CVE-2021-29477...
Important: Red Hat Security Advisory: redis:6 security update
An update for the redis:6 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
RHEL 8 : redis:6 (RHSA-2021:2034)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2034 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and...
Remote Code Execution
Redis is vulnerable to remote code execution. An integer overflow occurs during the execution of a STRALGO LCS command, resulting in heap corruption and potential code execution...
CVE-2021-29477
Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the STRALGO LCS command to corrupt the heap and potentially result in remote code execution. The...
CVE-2021-29477
Redis fixes CVE-2021-29477: an integer overflow in STRALGO LCS on Redis 6.0+ that could allow remote code execution by crafting a command sequence. Patched in Redis 6.2.3 and 6.0.13; subsequent advisories note fixes in 6.2.4 and 6.0.14. Workarounds include ACLs to block STRALGO LCS and, on 64-bit...
FreeBSD : redis -- multiple vulnerabilities (1606b03b-ac57-11eb-9bdd-8c164567ca3c)
Redis project reports: Vulnerability in the STRALGO LCS command: An integer overflow bug in Redis version 6.0 or newer could be exploited using the STRALGO LCS command to corrupt the heap and potentially result in remote code execution. Vulnerability in the COPY command for large intsets: An...