redis -- Multiple vulnerabilities
Aviv Yahav reports:
By exploiting weaknesses in the Lua script execution
environment, an attacker with access to Redis can inject
Lua code that will execute with the (potentially higher)
privileges of another Redis user.
An attacker attempting to load a specially crafted Lua
script can cause NULL pointer dereference which will
result with a crash of the redis-server process.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright