FreeBSD : redis -- multiple vulnerabilities (9b4806c1-257f-11ec-9db5-0800270512f4)

high Nessus Plugin ID 153892

Language:

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

The Redis Team reports : CVE-2021-41099 Integer to heap buffer overflow handling certain string commands and network payloads, when proto-max-bulk-len is manually configured. CVE-2021-32762 Integer to heap buffer overflow issue in redis-cli and redis-sentinel parsing large multi-bulk replies on some older and less common platforms.
CVE-2021-32687 Integer to heap buffer overflow with intsets, when set-max-intset-entries is manually configured to a non-default, very large value. CVE-2021-32675 Denial Of Service when processing RESP request payloads with a large number of elements on many connections.
CVE-2021-32672 Random heap reading issue with Lua Debugger.
CVE-2021-32628 Integer to heap buffer overflow handling ziplist-encoded data types, when configuring a large, non-default value for hash-max-ziplist-entries, hash-max-ziplist-value, zset-max-ziplist-entries or zset-max-ziplist-value. CVE-2021-32627 Integer to heap buffer overflow issue with streams, when configuring a non-default, large value for proto-max-bulk-len and client-query-buffer-limit. CVE-2021-32626 Specially crafted Lua scripts may result with Heap buffer overflow.

Solution

Update the affected packages.

See Also

https://groups.google.com/g/redis-db/c/GS_9L2KCk9g

http://www.nessus.org/u?8ecac2fb

Plugin Details

Severity: High

ID: 153892

File Name: freebsd_pkg_9b4806c1257f11ec9db50800270512f4.nasl

Version: 1.4

Type: local

Published: 10/6/2021

Updated: 10/15/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2021-32762

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:redis, p-cpe:/a:freebsd:freebsd:redis-devel, p-cpe:/a:freebsd:freebsd:redis5, p-cpe:/a:freebsd:freebsd:redis6, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Ease: No known exploits are available

Patch Publication Date: 10/5/2021

Vulnerability Publication Date: 10/4/2021

Reference Information

CVE: CVE-2021-32626, CVE-2021-32627, CVE-2021-32628, CVE-2021-32672, CVE-2021-32675, CVE-2021-32687, CVE-2021-32762, CVE-2021-41099