cve/2013/CVE-2013-2028.md

### [CVE-2013-2028](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2028)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.

### POC

#### Reference
- http://packetstormsecurity.com/files/121675/Nginx-1.3.9-1.4.0-Denial-Of-Service.html
- https://github.com/rapid7/metasploit-framework/pull/1834

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/JERRY123S/all-poc
- https://github.com/Sunqiz/CVE-2013-2028-reproduction
- https://github.com/alexgeunholee/zeus-software-security
- https://github.com/anquanscan/sec-tools
- https://github.com/camel-clarkson/non-controlflow-hijacking-datasets
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/danghvu/nginx-1.4.0
- https://github.com/dyjakan/exploit-development-case-studies
- https://github.com/hktalent/TOP
- https://github.com/jbmihoub/all-poc
- https://github.com/jptr218/nginxhack
- https://github.com/kitctf/nginxpwn
- https://github.com/m4drat/CVE-2013-2028-Exploit
- https://github.com/mambroziak/docker-cve-2013-2028
- https://github.com/mertsarica/hack4career
- https://github.com/mudongliang/LinuxFlaw
- https://github.com/oneoy/cve-
- https://github.com/q40603/Continuous-Invivo-Fuzz
- https://github.com/tachibana51/CVE-2013-2028-x64-bypass-ssp-and-pie-PoC
- https://github.com/weeka10/-hktalent-TOP
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2013-2028](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2028)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.`

			`### POC`

			`#### Reference`
			`- http://packetstormsecurity.com/files/121675/Nginx-1.3.9-1.4.0-Denial-Of-Service.html`
			`- https://github.com/rapid7/metasploit-framework/pull/1834`

			`#### Github`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/CVEDB/PoC-List`
			`- https://github.com/CVEDB/awesome-cve-repo`
			`- https://github.com/JERRY123S/all-poc`
			`- https://github.com/Sunqiz/CVE-2013-2028-reproduction`
			`- https://github.com/alexgeunholee/zeus-software-security`
			`- https://github.com/anquanscan/sec-tools`
			`- https://github.com/camel-clarkson/non-controlflow-hijacking-datasets`
			`- https://github.com/cyberanand1337x/bug-bounty-2022`
			`- https://github.com/danghvu/nginx-1.4.0`
			`- https://github.com/dyjakan/exploit-development-case-studies`
			`- https://github.com/hktalent/TOP`
			`- https://github.com/jbmihoub/all-poc`
			`- https://github.com/jptr218/nginxhack`
			`- https://github.com/kitctf/nginxpwn`
			`- https://github.com/m4drat/CVE-2013-2028-Exploit`
			`- https://github.com/mambroziak/docker-cve-2013-2028`
			`- https://github.com/mertsarica/hack4career`
			`- https://github.com/mudongliang/LinuxFlaw`
			`- https://github.com/oneoy/cve-`
			`- https://github.com/q40603/Continuous-Invivo-Fuzz`
			`- https://github.com/tachibana51/CVE-2013-2028-x64-bypass-ssp-and-pie-PoC`
			`- https://github.com/weeka10/-hktalent-TOP`