CVE-2013-3563
published 2013-07-04
Priority P2 · 60 · high · 7.5 (CVSS 2.0)
AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 48.22% (98.7th percentile)
Stack-based buffer overflow in db_netserver in Lianja SQL Server before 1.0.0RC5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string to TCP port 8001.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lianja | lianja_sql_server | <= 1.0 | — |
Detection & IOCs (extracted from sources)
- Probe/check phase sends the 6-byte string 'db_net' to TCP port 8001; a numeric 4-byte response indicates a vulnerable Lianja SQL db_netserver instance.
- Exploit payload contains bad character \x01; any TCP/8001 stream to db_netserver that begins with 'db_net' followed by a large crafted buffer (starting with bytes 000052E1) should be treated as an exploitation attempt.
- Targets are Windows Server 2003 SP1/SP2 and Windows XP SP3 running Lianja SQL 1.0.0RC5.1; privilege level of the spawned db_netserver process is SYSTEM-level (Privileged => true).
- The exploit uses a ROP chain (StackAdjustment -3500) and the specific ROP gadgets differ between the Windows 2003 and Windows XP SP3 targets; detection rules should not rely solely on payload bytes as they are target-dependent.
- WfsDelay is set to 20 seconds, meaning the exploit connection may appear idle for up to 20 seconds before the payload executes; short-lived connection timeouts may miss the full attack sequence.
No detection rules found.
Exploit-DB
Lianja SQL 1.0.0RC5.1 - db_netserver Stack Buffer Overflow (Metasploit)
exploitdb·2013-05-31
---
```ruby
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# web site for more information on licensing and terms of use.
# http://metasploit.com/
##
require 'msf/core'
class Metasploit3 'Lianja SQL 1.0.0RC5.1 db_netserver Stack Buffer Overflow',
      'Description' => %q{
        This module exploits a stack buffer overflow in the db_netserver process which
        is spawned by the Lianja SQL server. The issue is fixed in Lianja SQL 1.0.0RC5.2.
      },
      'Author' => 'Spencer McIntyre',
      'License' => MSF_LICENSE,
      'References' => [
        [ 'CVE', '2013-3563' ]
      ],
      'DefaultOptions' =>
        {
          'WfsDelay' => 20
        },
      'Platform' => 'win',
      'Arch' => ARCH_X86,
      'Payload' =>
        {
          'S
```
Metasploit
Lianja SQL 1.0.0RC5.1 db_netserver Stack Buffer Overflow
metasploit
This module exploits a stack buffer overflow in the db_netserver process, which is spawned by the Lianja SQL server. The issue is fixed in Lianja SQL 1.0.0RC5.2.
No writeups or analysis indexed.
Published 2013-07-04