3315 matches found
DEBIAN-CVE-2014-5461
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...
CVE-2014-5461
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...
AZL-45036 CVE-2014-5461 affecting package compat-lua 5.1.5-17
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...
CVE-2014-5461
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...
AZL-41108 CVE-2014-5461 affecting package ceph for versions less than 18.2.2-1
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...
Buffer overflow
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...
CVE-2014-5461
CVE-2014-5461 affects Lua 5.1–5.2.x prior to 5.2.3 due to a heap/buffer overflow in the vararg handling in ldo.c. This can cause a crash (denial of service) when a function with many fixed arguments is called with only a small number of arguments. Affected versions include Lua 5.1 through 5.2.x b...
Wing FTP Server Authenticated Command Execution
No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote include Msf::Exploit::CmdStager include Msf::Exploit::Remote::HttpClient def...
CVE-2014-5461
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...
CVE-2014-5461
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...
Ubuntu 14.04 LTS : Lua vulnerability (USN-2338-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2338-1 advisory. It was discovered that Lua incorrectly handled certain vararg functions with a large number of fixed parameters. An attacker could use this issue to cause Lua...
USN-2338-1: Lua vulnerability
It was discovered that Lua incorrectly handled certain vararg functions with a large number of fixed parameters. An attacker could use this issue to cause Lua applications to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-2338-1 lua5.1 vulnerability
It was discovered that Lua incorrectly handled certain vararg functions with a large number of fixed parameters. An attacker could use this issue to cause Lua applications to crash, resulting in a denial of service, or possibly execute arbitrary code...
[SECURITY] [DSA 3016-1] lua5.2 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3016-1 [email protected] http://www.debian.org/security/ Florian Weimer September 01, 2014 http://www.debian.org/security/faq -...
Lua buffer overflow
Buffer overflow on function call with large number of arguments...
Debian Security Advisory DSA 3015-1 (lua5.1 - security update)
A heap-based overflow vulnerability was found in the way Lua, a simple, extensible, embeddable programming language, handles varargs functions with many fixed parameters called with few arguments, leading to application crashes or, potentially, arbitrary code execution. OpenVAS Vulnerability Test...
Wing FTP Server - (Authenticated) Command Execution (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Wing FTP Server Authenticated Command Execution', 'Description' = %q This module exploits the embedded Lua interpreter in the admin w...
Wing FTP Server Authenticated Command Execution Exploit
This Metasploit module exploits the embedded Lua interpreter in the admin web interface for versions 4.3.8 and below. When supplying a specially crafted HTTP POST request an attacker can use os.execute to execute arbitrary system commands on the target with SYSTEM privileges. This module requires...
Wing FTP Server Authenticated Command Execution
This module exploits the embedded Lua interpreter in the admin web interface for versions 3.0.0 and above. When supplying a specially crafted HTTP POST request an attacker can use os.execute to execute arbitrary system commands on the target with SYSTEM privileges. This module requires Metasploit...
Wing FTP Server Authenticated Command Execution
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Wing FTP Server Authenticated Command Execution', 'Description' = %q This module exploits the embedded Lua interpreter in the admin w...