Lua 'ldo.c' Remote Code Execution Vulnerability
BID:69342
Info
Lua 'ldo.c' Remote Code Execution Vulnerability
| Bugtraq ID: | 69342 |
| Class: | Design Error |
| CVE: |
CVE-2014-5461 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 21 2014 12:00AM |
| Updated: | Oct 29 2014 12:59AM |
| Credit: | Unknown |
| Vulnerable: |
Ubuntu Ubuntu Linux 12.04 LTS i386 Ubuntu Ubuntu Linux 12.04 LTS amd64 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 |
| Not Vulnerable: | |
Discussion
Lua 'ldo.c' Remote Code Execution Vulnerability
Lua is prone to remote code execution vulnerability.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
Versions prior to Lua 5.2.3 are vulnerable.
Lua is prone to remote code execution vulnerability.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
Versions prior to Lua 5.2.3 are vulnerable.
Exploit / POC
Lua 'ldo.c' Remote Code Execution Vulnerability
An attacker can exploit this issue using readily available tools.
An attacker can exploit this issue using readily available tools.
Solution / Fix
Lua 'ldo.c' Remote Code Execution Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.