3291 matches found
AZL-45036 CVE-2014-5461 affecting package compat-lua 5.1.5-17
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...
Buffer overflow
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...
Wing FTP Server Authenticated Command Execution
No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote include Msf::Exploit::CmdStager include Msf::Exploit::Remote::HttpClient def...
CVE-2014-5461
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...
Ubuntu 14.04 LTS : Lua vulnerability (USN-2338-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2338-1 advisory. It was discovered that Lua incorrectly handled certain vararg functions with a large number of fixed parameters. An attacker could use this issue to cause Lua...
CVE-2014-5461
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...
CVE-2014-5461
CVE-2014-5461 affects Lua 5.1–5.2.x prior to 5.2.3 due to a heap/buffer overflow in the vararg handling in ldo.c. This can cause a crash (denial of service) when a function with many fixed arguments is called with only a small number of arguments. Affected versions include Lua 5.1 through 5.2.x b...
USN-2338-1: Lua vulnerability
It was discovered that Lua incorrectly handled certain vararg functions with a large number of fixed parameters. An attacker could use this issue to cause Lua applications to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-2338-1 lua5.1 vulnerability
It was discovered that Lua incorrectly handled certain vararg functions with a large number of fixed parameters. An attacker could use this issue to cause Lua applications to crash, resulting in a denial of service, or possibly execute arbitrary code...
[SECURITY] [DSA 3016-1] lua5.2 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3016-1 [email protected] http://www.debian.org/security/ Florian Weimer September 01, 2014 http://www.debian.org/security/faq -...
Lua buffer overflow
Buffer overflow on function call with large number of arguments...
Wing FTP Server - (Authenticated) Command Execution (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Wing FTP Server Authenticated Command Execution', 'Description' = %q This module exploits the embedded Lua interpreter in the admin w...
Debian Security Advisory DSA 3015-1 (lua5.1 - security update)
A heap-based overflow vulnerability was found in the way Lua, a simple, extensible, embeddable programming language, handles varargs functions with many fixed parameters called with few arguments, leading to application crashes or, potentially, arbitrary code execution. OpenVAS Vulnerability Test...
Wing FTP Server Authenticated Command Execution Exploit
This Metasploit module exploits the embedded Lua interpreter in the admin web interface for versions 4.3.8 and below. When supplying a specially crafted HTTP POST request an attacker can use os.execute to execute arbitrary system commands on the target with SYSTEM privileges. This module requires...
Wing FTP Server Authenticated Command Execution
This module exploits the embedded Lua interpreter in the admin web interface for versions 3.0.0 and above. When supplying a specially crafted HTTP POST request an attacker can use os.execute to execute arbitrary system commands on the target with SYSTEM privileges. This module requires Metasploit...
Wing FTP Server Authenticated Command Execution
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Wing FTP Server Authenticated Command Execution', 'Description' = %q This module exploits the embedded Lua interpreter in the admin w...
CVE-2014-5461
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...
UBUNTU-CVE-2014-5461
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...
PT-2014-1807 · Lua +2 · Lua +2
Name of the Vulnerable Software and Affected Versions: Lua versions 5.1 through 5.2.x before 5.2.3 Description: The issue is caused by a buffer overflow in the vararg functions in ldo.c, allowing context-dependent attackers to cause a denial of service crash via a small number of arguments to a...
Sandcat Browser 5 - A Penetration-Oriented Browser
Sandcat is a lightweight multi-tabbed web browser that combines the speed and power of Chromium and Lua. Sandcat comes with built-in live headers, an extensible user interface and command line console, resource viewer, and many other features that are useful for web developers and pen-testers. He...