Redis Insecure Temporary File Security Issue

by Carol~ Moderator - 1/15/13 1:13 PM

In Reply to: VULNERABILITIES / FIXES - January 15, 2013 by Carol~ Moderator

Release Date : 2013-01-15

Criticality level : Less critical
Impact : Privilege escalation
Where : Local system
Solution Status : Vendor Patch

Software: Redis 2.x

Description:
A security issue has been reported in Redis, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

The security issue is caused by the application using a temporary file in an insecure manner, which can be exploited to, e.g., overwrite arbitrary files via symlink attacks.

The security issue is reported in version 2.4.18. Other versions may also be affected.

Solution:
Update to version 2.6.8.

Provided and/or discovered by:
Michael Scherer in a Red Hat bug report.

Original Advisory:
https://bugzilla.redhat.com/show_bug.cgi?id=894659

http://secunia.com/advisories/51803/
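
The class of bug described above, shown as an added example that is not part of the advisory and not taken from the Redis source: a writer that opens a predictable temporary path with fopen("w") follows a pre-planted symlink, while an exclusive create refuses it. The function names, file names and the /tmp sandbox are assumptions made for the demonstration.

```c
/* Added example: names and paths are hypothetical, not Redis source. */
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Insecure: fopen("w") on a predictable name follows a pre-planted symlink
 * and truncates whatever file the link points to. */
int write_tmp_insecure(const char *path, const char *data) {
    FILE *fp = fopen(path, "w");
    if (!fp) return -1;
    int ok = fputs(data, fp) != EOF;
    return (fclose(fp) == 0 && ok) ? 0 : -1;
}

/* Hardened: O_EXCL fails with EEXIST if anything, symlink included, already
 * sits at path; O_NOFOLLOW and mode 0600 are defence in depth. */
int write_tmp_exclusive(const char *path, const char *data) {
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0) return -1;
    ssize_t n = write(fd, data, strlen(data));
    return (close(fd) != 0 || n != (ssize_t)strlen(data)) ? -1 : 0;
}

/* Constructed scenario inside a private mkdtemp() sandbox: "victim" holds
 * data, and "app.tmp" is a symlink to it planted before the writer runs.
 * Returns 1 if victim is unchanged afterwards, 0 if it was overwritten. */
int victim_survives(int (*writer)(const char *, const char *)) {
    char dir[] = "/tmp/symdemoXXXXXX", victim[64], tmp[64], buf[32] = "";
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(tmp, sizeof tmp, "%s/app.tmp", dir);
    FILE *fp = fopen(victim, "w");
    if (!fp) return -1;
    fputs("important", fp); fclose(fp);
    if (symlink(victim, tmp) != 0) return -1;
    writer(tmp, "scratch");            /* the application writes its temp file */
    fp = fopen(victim, "r");
    if (fp) { if (!fgets(buf, sizeof buf, fp)) buf[0] = '\0'; fclose(fp); }
    unlink(tmp); unlink(victim); rmdir(dir);
    return strcmp(buf, "important") == 0;
}
int main(void) {
    printf("fopen(\"w\"): victim intact = %d\n", victim_survives(write_tmp_insecure));
    printf("O_EXCL open: victim intact = %d\n", victim_survives(write_tmp_exclusive));
    return 0;
}
```

mkstemp() gives the same exclusive-create behaviour and also picks an unpredictable name, so it is usually the simpler choice when the file name does not need to be fixed.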