ID de Prueba:	1.3.6.1.4.1.25623.1.0.146845
Categoría:	Databases
Título:	Redis Integer Overflow Vulnerability (GHSA-f434-69fm-g45v)
Resumen:	Redis is prone to an integer overflow vulnerability.
Descripción:	Summary: Redis is prone to an integer overflow vulnerability. Vulnerability Insight: An integer overflow bug in Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves changing the default proto-max-bulk-len and client-query-buffer-limit configuration parameters to very large values and constructing specially crafted very large stream elements. Affected Software/OS: Redis version 5.0 and later. Solution: Update to version 5.0.14, 6.0.16, 6.2.6 or later. CVSS Score: 6.0 CVSS Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2021-32627 https://github.com/redis/redis/security/advisories/GHSA-f434-69fm-g45v https://security.netapp.com/advisory/ntap-20211104-0003/ Debian Security Information: DSA-5001 (Google Search) https://www.debian.org/security/2021/dsa-5001 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/ https://security.gentoo.org/glsa/202209-17 https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3 https://www.oracle.com/security-alerts/cpuapr2022.html
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.