what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2014-5461

Status Candidate

Overview

Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments.

Related Files

Gentoo Linux Security Advisory 202305-23
Posted May 3, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202305-23 - Multiple vulnerabilities have been discovered in Lua, the worst of which could result in arbitrary code execution.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2014-5461, CVE-2021-44647, CVE-2022-28805
SHA-256 | 00aefb3377c44926da8759cd1d9a0caff52ef4beac1d0f7f4a215d7820e9e283
Download | Favorite | View
Gentoo Linux Security Advisory 201701-53
Posted Jan 23, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-53 - A buffer overflow in Lua might allow context-dependent attackers to execute arbitrary code. Versions less than 5.1.5-r4 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2014-5461
SHA-256 | 0a382c25aac7198b837b9c3b7a6af9b05b386e38bba1e14eceec6b62ae70f85a
Download | Favorite | View
Mandriva Linux Security Advisory 2015-144
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-144 - A heap-based overflow vulnerability was found in the way Lua handles varargs functions with many fixed parameters called with few arguments, leading to application crashes or, potentially, arbitrary code execution.

tags | advisory, overflow, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2014-5461
SHA-256 | ac31acf6c259ead6e52e4fece7f7a93fe4218899d8b08dda8607eb133e8f7679
Download | Favorite | View
Mandriva Linux Security Advisory 2014-205
Posted Oct 24, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-205 - A heap-based overflow vulnerability was found in the way Lua handles varargs functions with many fixed parameters called with few arguments, leading to application crashes or, potentially, arbitrary code execution.

tags | advisory, overflow, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2014-5461
SHA-256 | 41c0ce842fa436a99105fa93c7f6ee89798757ba9363750bbb92eb41d89a0574
Download | Favorite | View
Ubuntu Security Notice USN-2338-1
Posted Sep 3, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2338-1 - It was discovered that Lua incorrectly handled certain vararg functions with a large number of fixed parameters. An attacker could use this issue to cause Lua applications to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-5461
SHA-256 | 742386c70e5001c109ed1b9fd23764fe2289037eeb35b4ae341694d1484682de
Download | Favorite | View
Debian Security Advisory 3015-1
Posted Sep 2, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3015-1 - A heap-based overflow vulnerability was found in the way Lua, a simple, extensible, embeddable programming language, handles varargs functions with many fixed parameters called with few arguments, leading to application crashes or, potentially, arbitrary code execution.

tags | advisory, overflow, arbitrary, code execution
systems | linux, debian
advisories | CVE-2014-5461
SHA-256 | 08d936ff79542fbe391fe2ed9161089263714f74f69a38383de657f660aeebf2
Download | Favorite | View
Debian Security Advisory 3016-1
Posted Sep 2, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3016-1 - A heap-based overflow vulnerability was found in the way Lua, a simple, extensible, embeddable programming language, handles varargs functions with many fixed parameters called with few arguments, leading to application crashes or, potentially, arbitrary code execution.

tags | advisory, overflow, arbitrary, code execution
systems | linux, debian
advisories | CVE-2014-5461
SHA-256 | b7cb2a0b0cf0c1c23b6934bdb7db254c50a5071d9ac48f83383b5b00a704724c
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

August 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    15 Files
  • 2
    Aug 2nd
    22 Files
  • 3
    Aug 3rd
    0 Files
  • 4
    Aug 4th
    0 Files
  • 5
    Aug 5th
    0 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close