Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bounds write vulnerability exists in the handling of the client-output-buffer-limit option during the CONFIG SET command for the Redis data structure store. A crafted CONFIG SET command can lead to an out of bounds write potentially resulting in code execution.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Redis 缓冲区错误漏洞
Vulnerability Description
Redis是美国Redis Labs公司赞助的一套开源的使用ANSI C编写、支持网络、可基于内存亦可持久化的日志型、键值(Key-Value)存储数据库,并提供多种语言的API。 Redis 3.2.4之前的3.2.x版本中存在缓冲区溢出漏洞。攻击者可通过发送特制的命令利用该漏洞造成任意代码执行,通过特制的Redis数据结构存储的CONFIG SET命令造成越边界写入。
CVSS Information
N/A
Vulnerability Type
N/A