CVE-2013-2028 Exploitation Attempt

Aug 21, 2020 ·

Detecting CVE-2013-2028 based on the error log generated on exploiting

Sigma rule (View on GitHub)

 1title: CVE-2013-2028 Exploitation Attempt
 2id: 05e19ec8-eaf2-4cbd-870d-6cbbac6a719a
 3status: experimental
 4description: Detecting CVE-2013-2028 based on the error log generated on exploiting
 5references:
 6  - https://www.exploit-db.com/exploits/25775
 7author: Loginsoft Research Unit
 8date: 2020/05/29
 9logsource:
10  vendor: nginx
11  category: webserver
12detection:
13  keywords:
14    - 'client sent invalid chunked body'
15  condition: keywords
16falsepositives:
17    - Unknown
18level: medium```

References

OffSec’s Exploit Database Archive

Nginx 1.3.9 < 1.4.0 - Chuncked Encoding Stack Buffer Overflow (Metasploit). CVE-2013-2028CVE-93037 . remote exploit for Linux platform

Read More

CVE-2013-2028 Exploitation Attempt

Sigma rule (View on GitHub)

References

OffSec’s Exploit Database Archive