PT-2015-1300 · Redis+1

Ben Murphy · Published 2015-06-06 · Updated 2018-08-13

CVE-2015-4335

CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Redis versions prior to 2.8.21
Redis versions 3.x prior to 3.0.2

Description
The issue allows remote attackers to execute arbitrary Lua bytecode via a specially crafted eval command. It is caused by incorrect data type conversion in the deps/lua/src/ldo.c component of the Redis database management system.

Recommendations
For Redis versions prior to 2.8.21, update to version 2.8.21 or later. For Redis versions 3.x prior to 3.0.2, update to version 3.0.2 or later. As a temporary workaround, consider restricting access to the eval command until the update can be applied.
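The workaround above can be applied in redis.conf with the rename-command directive, which Redis 2.8 and 3.0 already support. The fragment below is an added example, not part of the advisory or of the Redis project; the choice to disable EVALSHA and SCRIPT alongside EVAL is an assumption on my part (they expose the same scripting engine through cached scripts), so drop those lines if the deployment depends on them.

```conf
# redis.conf fragment (added example, not from the advisory)

# Weak configuration: stock redis.conf contains no rename-command lines,
# so the scripting commands are reachable by every client that can connect,
# leaving the eval entry point named in the advisory exposed.

# Hardened configuration: renaming a command to the empty string disables it.
# EVAL is the command named in the advisory; EVALSHA and SCRIPT are disabled
# here as well (assumption: they run or load scripts through the same engine).
rename-command EVAL ""
rename-command EVALSHA ""
rename-command SCRIPT ""

# Independent of this bug, keep the listener off untrusted networks.
bind 127.0.0.1
```

The change takes effect only after a restart, and any application that relies on server-side Lua scripting will start receiving unknown-command errors, so treat it strictly as a stopgap and remove the rename lines once the instance runs 2.8.21 or 3.0.2 or later.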

Tags: Exploit · Fix · RCE


Weakness Enumeration

Related Identifiers

ALT-PU-2015-1492
AZL-44232
BDU:2015-10357
CVE-2015-4335
DSA-3279-1
MGASA-2015-0244
RHSA-2015:1676

Affected Products

Alt Linux
Redis