CVE-2015-4335

Related Files

Gentoo Linux Security Advisory 201702-16

Posted Feb 21, 2017

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201702-16 - Multiple vulnerabilities have been found in Redis, the worst of which may allow execution of arbitrary code. Versions less than 3.2.5 are affected.

tags | advisory, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2015-4335, CVE-2015-8080, CVE-2016-8339

SHA-256 | 9127111b19cf10ffc2aa44e1f59855f478c26b916893ae32b98487b761c5699b

Download | Favorite | View

Red Hat Security Advisory 2015-1676-01

Posted Aug 24, 2015

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1676-01 - Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. A flaw was discovered in redis that could allow an authenticated user, who was able to use the EVAL command to run Lua code, to break out of the Lua sandbox and execute arbitrary code on the system. All users of redis are advised to upgrade to these updated packages, which correct this issue.

tags | advisory, arbitrary

systems | linux, redhat

advisories | CVE-2015-4335

SHA-256 | 7542ff0f7f8591ac2b7496069338aeb5f02634351c90ab819dece762771db9f3

Download | Favorite | View

Debian Security Advisory 3279-1

Posted Jun 10, 2015

Authored by Debian | Site debian.org

Debian Linux Security Advisory 3279-1 - It was discovered that redis, a persistent key-value database, could execute insecure Lua bytecode by way of the EVAL command. This could allow remote attackers to break out of the Lua sandbox and execute arbitrary code.

tags | advisory, remote, arbitrary

systems | linux, debian

advisories | CVE-2015-4335

SHA-256 | 44cc61fc8f1ba9879daf5791dc2d49770c1c302d382127a68e0bd0f391707197

Download | Favorite | View