CVE-2015-8080
CVSS5.0
发布时间 :2016-04-13 11:59:04
修订时间 :2017-06-30 21:29:24
NMPS    

[原文]Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow.


[CNNVD]CNNVD数据暂缺。


[机译]Google 翻译(企业版):

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: NETWORK [攻击者不需要获取内网访问权或本地访问权]
身份认证: NONE [漏洞利用无需身份认证]

- CWE (弱点类目)

CWE-189 [数值错误]

- CPE (受影响的平台与产品)

cpe:/a:pivotal_software:redis:3.0.4
cpe:/a:pivotal_software:redis:3.0.5
cpe:/a:pivotal_software:redis:3.0.2
cpe:/a:pivotal_software:redis:3.0.3
cpe:/a:pivotal_software:redis:3.0.0
cpe:/a:pivotal_software:redis:3.0.1
cpe:/o:debian:debian_linux:8.0
cpe:/a:pivotal_software:redis:2.8.23

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8080
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8080
(官方数据源) NVD

- 其它链接及资源

http://lists.opensuse.org/opensuse-updates/2016-05/msg00126.html
(UNKNOWN)  SUSE  openSUSE-SU-2016:1444
http://rhn.redhat.com/errata/RHSA-2016-0095.html
(UNKNOWN)  REDHAT  RHSA-2016:0095
http://rhn.redhat.com/errata/RHSA-2016-0096.html
(UNKNOWN)  REDHAT  RHSA-2016:0096
http://rhn.redhat.com/errata/RHSA-2016-0097.html
(UNKNOWN)  REDHAT  RHSA-2016:0097
http://www.debian.org/security/2015/dsa-3412
(UNKNOWN)  DEBIAN  DSA-3412
http://www.openwall.com/lists/oss-security/2015/11/06/2
(UNKNOWN)  MLIST  [oss-security] 20151106 Review+CVE request: multiple issues in redis EVAL command (lua sandbox)
http://www.openwall.com/lists/oss-security/2015/11/06/4
(UNKNOWN)  MLIST  [oss-security] 20151106 Re: Review+CVE request: multiple issues in redis EVAL command (lua sandbox)
http://www.securityfocus.com/bid/77507
(UNKNOWN)  BID  77507
https://github.com/antirez/redis/issues/2855
(PATCH)  MISC  https://github.com/antirez/redis/issues/2855
https://raw.githubusercontent.com/antirez/redis/2.8/00-RELEASENOTES
(UNKNOWN)  CONFIRM  https://raw.githubusercontent.com/antirez/redis/2.8/00-RELEASENOTES
https://raw.githubusercontent.com/antirez/redis/3.0/00-RELEASENOTES
(UNKNOWN)  CONFIRM  https://raw.githubusercontent.com/antirez/redis/3.0/00-RELEASENOTES
https://security.gentoo.org/glsa/201702-16
(UNKNOWN)  GENTOO  GLSA-201702-16

- 漏洞信息 (F134631)

Debian Security Advisory 3412-1 (PacketStormID:F134631)
2015-12-04 00:00:00
Debian  debian.org
advisory,remote,denial of service,overflow
linux,debian
CVE-2015-8080
[点击下载]

Debian Linux Security Advisory 3412-1 - Luca Bruno discovered an integer overflow flaw leading to a stack-based buffer overflow in redis, a persistent key-value database. A remote attacker can use this flaw to cause a denial of service (application crash).

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3412-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
December 03, 2015                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : redis
CVE ID         : CVE-2015-8080
Debian Bug     : 804419

Luca Bruno discovered an integer overflow flaw leading to a stack-based
buffer overflow in redis, a persistent key-value database. A remote
attacker can use this flaw to cause a denial of service (application
crash).

For the stable distribution (jessie), this problem has been fixed in
version 2:2.8.17-1+deb8u3.

For the testing distribution (stretch), this problem has been fixed
in version 2:3.0.5-4.

For the unstable distribution (sid), this problem has been fixed in
version 2:3.0.5-4.

We recommend that you upgrade your redis packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWYK6yAAoJEAVMuPMTQ89EsxgQAKBIzZXDvsdboKXtLpBHVB1A
t3pv76kgLGFb29XfHGMdpg3GHyZiAyVWuRfZM6JUZ89tbprz/UgDfWDO6ClDJaA2
Az6s8IJs74zSy7bY76A1NDh+Xmk8jvf+mWGQ4VhLNvaMEHQ6r1/8kw92a+2Prr/p
sVShuc+qZOM5znxaCcc+JX3XLfbFO9Ah5HD3G1KX9J6zoeLnsO9c8FM7MubJvrMs
MTYM9rPMI0MdleB/YYGbEnId/v77ViJmodZJU6lirGINN56KPM9kpfcbRe6Ihheo
X+CxRnP6DKnmFnLLnUyqH/+r7FplwJHrg3Tswt4f/phvqJAaeVZ2/2NT0AVDzj58
kAfLJs36h8KO/LCdhO71gFRDXHagZg4WYvFgvD452ZGkkmbtj9iR7yvk0DWQ4DW0
sxfPTIOxvId0pJPuwBVho2hEav/uFTyiNXErM554i/BQYM6VP9rUhztj/Noqk9MD
MakUtIenjRB4vvZIZOLeLF8pDEXCBhhjXDCK5zPj4XTRtiTlH8V/9tBhKJUyGq6x
GKhKm+quMW1+YLPW9FvytfoWSNuR77SPpU++5DvcbUaqu53zt2119W0gsfU1cWQG
CFkQLuohXhDY2G/pfpUFtnKcb+jRT9a6OChkxgqTTQAb4TLBlJeITcFeoETKMMQC
H7KAZEwOLq5ry7tVH0BF
=d5eA
-----END PGP SIGNATURE-----
    

- 漏洞信息 (F141185)

Gentoo Linux Security Advisory 201702-16 (PacketStormID:F141185)
2017-02-21 00:00:00
Gentoo  security.gentoo.org
advisory,arbitrary,vulnerability
linux,gentoo
CVE-2015-4335,CVE-2015-8080,CVE-2016-8339
[点击下载]

Gentoo Linux Security Advisory 201702-16 - Multiple vulnerabilities have been found in Redis, the worst of which may allow execution of arbitrary code. Versions less than 3.2.5 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201702-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: Redis: Multiple vulnerabilities
     Date: February 20, 2017
     Bugs: #551274, #565188, #595730
       ID: 201702-16

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in Redis, the worst of which
may allow execution of arbitrary code.

Background
==========

Redis is an open source (BSD licensed), in-memory data structure store,
used as a database, cache and message broker.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  dev-db/redis                 < 3.2.5                    >= 3.2.5
                                                             >= 3.0.7

Description
===========

Multiple vulnerabilities have been discovered in Redis. Please review
the CVE identifiers referenced below for details.

Impact
======

A remote attacker, able to connect to a Redis instance, could issue
malicious commands possibly resulting in the execution of arbitrary
code with the privileges of the process or a Denial of Service
condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Redis 3.0.x users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-db/redis-3.0.7"

All Redis 3.2.x users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-db/redis-3.2.5"

References
==========

[ 1 ] CVE-2015-4335
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4335
[ 2 ] CVE-2015-8080
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8080
[ 3 ] CVE-2016-8339
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8339

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/201702-16

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2017 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5


--ni0pxSI5S8US8BO5Txv8mLxJsoKokCOvK--

    

- 漏洞信息

Antirez Redis 'lua_struct.c' Integer Overflow Vulnerability
Boundary Condition Error 77507
Yes No
2015-11-06 12:00:00 2015-11-06 12:00:00
Luca Bruno

- 受影响的程序版本

- 漏洞讨论

Antirez Redis is prone to a remote integer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary code in the context of a user running the affected application. Failed exploit attempts may crash the application, denying service to legitimate users.

- 漏洞利用

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- 解决方案

Updates are available. Please see the references or vendor advisory for more information.

- 相关参考

     

     

    关于SCAP中文社区

    SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

    版权声明

    CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站