Oracle Linux 8 : redis:6 (ELSA-2021-3945)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-3945 advisory. - fix denial of service via Redis Standard Protocol RESP request CVE-2021-32675 - fix lua scripts can overflow the heap-based Lua stack CVE-2021-32626 ...

Design/Logic Flaw

Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result with heap corruption and potentially remote co...

CVE-2020-25757

A lack of input validation and access controls in Lua CGIs on D-Link DSR VPN routers may result in arbitrary input being passed to system command APIs, resulting in arbitrary command execution with root privileges. This affects DSR-150, DSR-250, DSR-500, and DSR-1000AC with firmware 3.14 and 3.17...

PoetRAT: Malware targeting public and private sector in Azerbaijan evolves

By Warren Mercer, Paul Rascagneres and Vitor Ventura. The Azerbaijan public sector and other important organizations are still targeted by new versions of PoetRAT.This actor leverages malicious Microsoft Word documents alleged to be from the Azerbaijan government.The attacker has moved from Pytho...

PT-2020-5052 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software affected versions not specified Description: The issue is related to insufficient restrictions on Lua function calls within the context of user-supplied Lua scripts in the Lua interpreter integrated in Cisco IOS XE...

CVE-2020-14939

An issue was discovered in savestructinternal.c in FreedroidRPG 1.0rc2. Saved game files are composed of Lua scripts that recover a game's state. A file can be modified to put any Lua code inside, leading to arbitrary code execution while loading...

Cisco Firepower Management Center RCE (cisco-sa-20191112-asa-ftd-lua-rce)

According to its self-reported VDB version, Cisco Firepower Management Center is affected by a remote code execution vulnerability. An attacker with valid administrative credentials can configure an Advanced Detector on the FMC web interface and submit a malicious Lua script which, when pushed to...

CVE-2018-4031

An exploitable vulnerability exists in the safe browsing function of the CUJO Smart Firewall, version 7003. The flaw lies in the way the safe browsing function parses HTTP requests. The server hostname is extracted from captured HTTP/HTTPS requests and inserted as part of a Lua statement without...

CVE-2018-4031

CVE-2018-4031 affects CUJO Smart Firewall firmware 7003. The safe-browsing component abuses Lunatik (kernel Lua) by injecting unsanitized Host header data into a Lua statement, enabling arbitrary code execution in the kernel. Exploitation can occur via crafted HTTP/HTTPS requests containing a mal...

CUJO Smart Firewall threatd hostname reputation check code execution vulnerability

Summary An exploitable vulnerability exists in the safe browsing function of the CUJO Smart Firewall, version 7003. The flaw lies in the way the safe browsing function parses HTTP requests. The server hostname is extracted from captured HTTP/HTTPS requests and inserted as part of a Lua statement...

Toshiba FlashAir does not require authentication in "Internet pass-thru Mode"

Overview FlashAir by Toshiba Corporation is a SDHC memory card which provides "Internet pass-thru Mode", allowing devices to access the internet while connecting to FlashAir. When configured in "Internet pass-thru Mode", FlashAir acts both as a station and as an access point. When "Internet...

High-Speed Packet Generator: MoonGen

MoonGen is a high-speed scriptable packet generator. The whole load generator is controlled by a Lua script: all packets that are sent are crafted by a user-provided script. Thanks to the incredibly fast LuaJIT VM and the packet processing library DPDK, it can saturate a 10 GBit Ethernet link wit...

CVE-2015-0228

The luawebsocketread function in luarequest.c in the modlua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service child-process crash by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function...

Oracle Solaris Third-Party Patch Update : wireshark (denial_of_service_vulnerability_in)

The remote Solaris system is missing necessary patches to address security updates : - The prototreeadditem function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service infinite loo...

openSUSE Security Update : wireshark (openSUSE-SU-2011:1142-1)

This update of wireshark fixes the following vulnerabilities : - CVE-2011-3266: Wireshark IKE dissector vulnerability - CVE-2011-3360: Wireshark Lua script execution vulnerability - CVE-2011-3483: Wireshark buffer exception handling vulnerability - CVE-2011-2597: Lucent/Ascend file parser...

Mandriva Linux Security Advisory : wireshark (MDVSA-2011:138)

This advisory updates wireshark to the latest version 1.6.2, fixing several security issues : The prototreeadditem function in Wireshark 1.6.1, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service infinite loop via vectors involving a...

Setuid Nmap Exploit

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/post/common' require...

SuSE 11.1 Security Update : wireshark (SAT Patch Number 5281)

This update of wireshark fixes the following vulnerabilities : - Wireshark IKE dissector vulnerability. CVE-2011-3266 - Wireshark Lua script execution vulnerability. CVE-2011-3360 - Wireshark buffer exception handling vulnerability. CVE-2011-3483 - Lucent/Ascend file parser susceptible to infinit...

Wireshark console.lua Pre-Loading Script Execution

This module exploits a vulnerability in Wireshark 1.6 or less. When opening a pcap file, Wireshark will actually check if there's a 'console.lua' file in the same directory, and then parse/execute the script if found. Versions affected by this vulnerability: 1.6.0 to 1.6.1, 1.4.0 to 1.4.8 This...

Debian DSA-2324-1 : wireshark - programming error

The Microsoft Vulnerability Research group discovered that insecure load path handling could lead to execution of arbitrary Lua script code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...