Intrusion Prevention

Redis.Lua.Scripting.Component.getnum.Integer.Overflow

Description

This indicates an attack attempt to exploit an Integer Overflow vulnerability in Redis.
The vulnerability is due to improper checking in the application when handling malicious requests. A remote attacker may be able exploit this to execute arbitrary code within the context of the application via crafted requests.

Affected Products

Redis Labs Redis 2:2.8.17-1 and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://redis.io/download

CVE References

CVE-2015-8080