openSUSE Security Update : pdns-recursor (openSUSE-SU-2014:1685-1)

This pdns-recursor version update fixes the following security issue and non secuirty issues. Update to upstream release 3.6.2. - boo906583: Degraded service through queries to queries to specific domains CVE-2014-8601 - Fixed broken localstatedir Update to upstream release 3.6.1. - gab14b4f:...

DEBIAN-CVE-2014-8990

default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename...

Cisco ASA Software SharePoint RAMFS Integrity and Lua Injection Vulnerabilities (CSCup54208 and CSCup54184)

According to its banner, the version of the Cisco ASA software on the remote device is affected by a vulnerability in its SSL VPN code due to improper validation of session information for the SSL VPN when a SharePoint handler is created. This allows a remote, authenticated attacker to overwrite...

Exploit for Improper Input Validation in D.J.Bernstein Djbdns

What is MaraDNS MaraDNS is a free open-source computer progra...

Cisco ASA Software Remote Authentication bypass vulnerability-vulnerability warning-the black bar safety net

0x01 vulnerability profile Cisco ASA Software part of the Management Interface authentication when there is validation logic problem, an attacker can bypass the authentication, the unauthorized operation. 0x02 vulnerability principles ! enter image description here By default, the ASA management...

Mandriva Linux Security Advisory : lua (MDVSA-2014:205)

Updated lua and lua5.1 packages fix security vulnerability : A heap-based overflow vulnerability was found in the way Lua handles varargs functions with many fixed parameters called with few arguments, leading to application crashes or, potentially, arbitrary code execution CVE-2014-5461...

Updated lua and lua5.1 packages fix security vulnerability

A heap-based overflow vulnerability was found in the way Lua handles varargs functions with many fixed parameters called with few arguments, leading to application crashes or, potentially, arbitrary code execution CVE-2014-5461...

MGASA-2014-0414 Updated lua and lua5.1 packages fix security vulnerability

A heap-based overflow vulnerability was found in the way Lua handles varargs functions with many fixed parameters called with few arguments, leading to application crashes or, potentially, arbitrary code execution CVE-2014-5461...

Amazon Linux AMI : lua (ALAS-2014-402)

Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments. C Tenable Network Security, Inc. The descriptive text...

CVE-2014-3399

Cisco ASA Software SSL VPN contains CVE-2014-3399: improper validation of session information during SharePoint handler creation allows an authenticated, remote attacker to overwrite RAMFS cache files or inject Lua scripts, causing a DoS (portal outage or system reload). Affected releases include...

Cisco ASA Software SharePoint RAMFS Integrity and Lua Injection Vulnerability

A vulnerability in the SSL VPN code of Cisco ASA Software could allow an authenticated, remote attacker to overwrite arbitrary files present on the RAMFS file system or inject Lua scripts. The vulnerability is due to insufficient validation of the code that handles session information for the SSL...

openSUSE Security Update : lua (openSUSE-SU-2014:1145-1)

lua was updated to fix an overflow in varargs functions CVE-2014-5461 ,bnc893824 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-549. The text description of this plugin is C SUS...

Medium: lua

Issue Overview: Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments. Affected Packages: lua Issue Correctio...

Wing FTP Server <= 4.3.8 Authenticated Command Execution Vulnerability

Wing FTP Server is prone to an authenticated command execution vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

DLA-47-1 lua5.1 - security update

Bulletin has no description...

AZL-41108 CVE-2014-5461 affecting package ceph for versions less than 18.2.2-1

Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...

CVE-2014-5461

Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...

DEBIAN-CVE-2014-5461

Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...

AZL-45036 CVE-2014-5461 affecting package compat-lua 5.1.5-17

Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...

CVE-2014-5461

Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...