oss-sec mailing list archives
CVE Request: redis: World readable .rediscli_history
From: Salvatore Bonaccorso <carnil () debian org>
Date: Thu, 28 Jul 2016 09:32:34 +0200
Hi
From the Debian bug report at https://bugs.debian.org/832460: redis-cli stores its history in ~/.rediscli_history, this file is created with permissions 0644. Home folders are world readable as well in debian, so any user can access other users redis history, including AUTH commands, which include credentials. I've contacted upstream on 2016-05-30 without any reaction at all and discovered this bug was first reported 3 years ago, still unfixed. @RedisLabs keeps referring to their paid support on twitter. Demo: `cat /home/*/.rediscli_history`
Upstream report: https://github.com/antirez/redis/issues/3284 Could you please assign a CVE for this issue in redis? Regards, Salvatore
Current thread:
- CVE Request: redis: World readable .rediscli_history Salvatore Bonaccorso (Jul 28)
- Re: CVE Request: redis: World readable .rediscli_history cve-assign (Jul 28)