PHP Web Form Hash Collision Denial Of Service Vulnerability
BID:51193
Info
PHP Web Form Hash Collision Denial Of Service Vulnerability
| Bugtraq ID: | 51193 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2011-4885 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 29 2011 12:00AM |
| Updated: | Apr 16 2015 06:07PM |
| Credit: | Alexander Klink and Julian Waelde |
| Vulnerable: |
Turbolinux Client 2008 Turbolinux Appliance Server 3.0 x64 Turbolinux Appliance Server 3.0 SuSE SUSE Linux Enterprise Server for VMware 11 SP1 SuSE SUSE Linux Enterprise Server 11 SP2 SuSE SUSE Linux Enterprise Server 11 SP1 SuSE SUSE Linux Enterprise Server 10 SP4 SuSE SUSE Linux Enterprise Server 10 SP3 LTSS SuSE SUSE Linux Enterprise SDK 11 SP2 SuSE SUSE Linux Enterprise SDK 11 SP1 SuSE SUSE Linux Enterprise SDK 10 SP4 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux Desktop Workstation 5 client RedHat Enterprise Linux Desktop version 4 Red Hat Enterprise Linux Workstation Optional 6 Red Hat Enterprise Linux Workstation 6 Red Hat Enterprise Linux Server Optional 6 Red Hat Enterprise Linux Server 6 Red Hat Enterprise Linux HPC Node Optional 6 Red Hat Enterprise Linux HPC Node 6 Red Hat Enterprise Linux Desktop Optional 6 Red Hat Enterprise Linux AS 4 Red Hat Enterprise Linux 5 Server PHP PHP 5.3.8 PHP PHP 5.3.7 PHP PHP 5.3.6 PHP PHP 5.3.5 PHP PHP 5.3.2 PHP PHP 5.3.1 PHP PHP 5.3 PHP PHP 5.2.17 PHP PHP 5.2.15 PHP PHP 5.2.13 PHP PHP 5.2.12 PHP PHP 5.2.11 PHP PHP 5.2.10 PHP PHP 5.2.9 -2 PHP PHP 5.2.9 PHP PHP 5.2.8 PHP PHP 5.2.7 PHP PHP 5.2.6 PHP PHP 5.2.5 PHP PHP 5.2.4 PHP PHP 5.2.3 PHP PHP 5.2.2 PHP PHP 5.2.1 PHP PHP 5.1.6 PHP PHP 5.1.5 PHP PHP 5.1.4 PHP PHP 5.1.3 -RC1 PHP PHP 5.1.3 PHP PHP 5.1.2 PHP PHP 5.1.1 PHP PHP 5.1 PHP PHP 5.0.5 PHP PHP 5.0.4 PHP PHP 5.0.3 PHP PHP 5.0.2 PHP PHP 5.0.1 PHP PHP 5.0 candidate 3 PHP PHP 5.0 candidate 2 PHP PHP 5.0 candidate 1 PHP PHP 5.0 .0 PHP PHP 5.3.5 PHP PHP 5.3.4 RC1 PHP PHP 5.3.4 PHP PHP 5.3.3 PHP PHP 5.2.14 PHP PHP 5.2 Oracle Secure Backup 10.3.0.3 Oracle Enterprise Linux 6.2 Oracle Enterprise Linux 6 Oracle Enterprise Linux 5 Oracle Enterprise Linux 4 Mandriva Linux Mandrake 2011 x86_64 Mandriva Linux Mandrake 2011 Mandriva Linux Mandrake 2010.1 x86_64 Mandriva Linux Mandrake 2010.1 MandrakeSoft Enterprise Server 5 x86_64 MandrakeSoft Enterprise Server 5 HP System Management Homepage 7.0 HP System Management Homepage 6.3 HP System Management Homepage 6.2 HP System Management Homepage 6.1 HP System Management Homepage 6.0 HP OpenVMS Secure Web Server 7.3 -2 HP OpenVMS Secure Web Server 7.3 -1 HP OpenVMS Secure Web Server 7.3 HP OpenVMS Secure Web Server 7.2 -2 HP OpenVMS Secure Web Server 1.2 HP OpenVMS Secure Web Server 1.1 -1 HP OpenVMS Secure Web Server 2.2 HP OpenVMS Secure Web Server 2.1-1 HP HP-UX Web Server Suite 3.21 HP HP-UX Web Server Suite 3.18 HP HP-UX Web Server Suite 3.17 HP HP-UX Web Server Suite 3.15 HP HP-UX Web Server Suite 3.14 HP HP-UX Web Server Suite 3.13 HP HP-UX Web Server Suite 3.12 HP HP-UX Web Server Suite 3.10 Gentoo Linux F5 FirePass 6.0.3 F5 FirePass 6.0.2 F5 FirePass 6.0.1 F5 FirePass 7.0 F5 FirePass 6.1 F5 FirePass 6.0.2.3 F5 FirePass 6.0 F5 BigIP WAN Optimization Module 10.1 F5 BigIP WAN Optimization Module 10.0.1 F5 BigIP WAN Optimization Module 10.0 F5 BigIP PSM 10.1 F5 BigIP PSM 10.0.1 F5 BigIP PSM 10.0 F5 BigIP Local Traffic Manager (LTM) 10.2.1 HF2 F5 BigIP Local Traffic Manager (LTM) 10.1 F5 BigIP Local Traffic Manager (LTM) 10.0.1 F5 BigIP Local Traffic Manager (LTM) 10.0 F5 BigIP Link Controller 10.1 F5 BigIP Link Controller 10.0.1 F5 BigIP Link Controller 10.0 F5 BigIP Global Traffic Manager (GTM) 10.1 F5 BigIP Global Traffic Manager (GTM) 10.0.1 F5 BigIP Global Traffic Manager (GTM) 10.0 F5 BigIP Edge 10.1 F5 BigIP Application Security Manager (ASM) 10.1 F5 BigIP Application Security Manager (ASM) 10.0.1 F5 BigIP Application Security Manager (ASM) 10.0 F5 BigIP APM 10.1 F5 BIG-IP Protocol Security Manager 10.1 F5 BIG-IP Protocol Security Manager 10.0.1 F5 BIG-IP Protocol Security Manager 10.0 F5 BIG-IP Application Security Manager 10.2.2 F5 BIG-IP Application Security Manager 10.2 F5 BIG-IP Application Security Manager 10.1 F5 BIG-IP Application Security Manager 10.0.1 F5 BIG-IP Application Security Manager 10.0 Drupal Drupal 7.6 Drupal Drupal 7.5 Drupal Drupal 7.4 Drupal Drupal 7.3 Drupal Drupal 7.2 Drupal Drupal 7.1 Drupal Drupal 7.0 Dev Drupal Drupal 7.0 Alpha7 Drupal Drupal 7.0 Alpha6 Drupal Drupal 7.0 Alpha5 Drupal Drupal 7.0 Alpha4 Drupal Drupal 7.0 Alpha3 Drupal Drupal 7.0 Alpha2 Drupal Drupal 7.0 Alpha1 Drupal Drupal 7.0 Drupal Drupal 6.x-1.12 Drupal Drupal 6.9 Drupal Drupal 6.8 Drupal Drupal 6.7 Drupal Drupal 6.6 Drupal Drupal 6.5 Drupal Drupal 6.4 Drupal Drupal 6.3 Drupal Drupal 6.22 Drupal Drupal 6.22 Drupal Drupal 6.21 Drupal Drupal 6.21 Drupal Drupal 6.2 Drupal Drupal 6.18 Drupal Drupal 6.17 Drupal Drupal 6.16 Drupal Drupal 6.15 Drupal Drupal 6.15 Drupal Drupal 6.14 Drupal Drupal 6.13 Drupal Drupal 6.12 Drupal Drupal 6.11 Drupal Drupal 6.10 Drupal Drupal 6.1 Drupal Drupal 6.0 Rc4 Drupal Drupal 6.0 Rc3 Drupal Drupal 6.0 Rc2 Drupal Drupal 6.0 Rc1 Drupal Drupal 6.0 Dev Drupal Drupal 6.0 Beta4 Drupal Drupal 6.0 Beta3 Drupal Drupal 6.0 Beta2 Drupal Drupal 6.0 Beta1 Drupal Drupal 6.0 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 Avaya Voice Portal 5.1.2 Avaya Voice Portal 5.1.1 Avaya Voice Portal 5.1 SP1 Avaya Voice Portal 5.1 Avaya Voice Portal 5.0 SP2 Avaya Voice Portal 5.0 SP1 Avaya Voice Portal 5.0 Avaya IP Office Application Server 8.0 Avaya IP Office Application Server 7.0 Avaya IP Office Application Server 6.1 Avaya IP Office Application Server 6.0 Avaya Aura SIP Enablement Services 5.2.1 Avaya Aura SIP Enablement Services 5.2 Avaya Aura SIP Enablement Services 5.1 Avaya Aura SIP Enablement Services 5.0 Avaya Aura SIP Enablement Services 4.0 Avaya Aura Session Manager 5.2 Avaya Aura Session Manager 1.1 Avaya Aura Messaging 6.0.1 Avaya Aura Messaging 6.0 Avaya Aura Experience Portal 6.0 Avaya Aura Communication Manager Utility Services 6.2 Avaya Aura Communication Manager Utility Services 6.1 Avaya Aura Communication Manager Utility Services 6.0 Avaya Aura Communication Manager 6.0.1 Avaya Aura Communication Manager 6.0 Avaya Aura Communication Manager 5.2 Avaya Aura Communication Manager 5.1 Avaya Aura Communication Manager 4.0 Avaya Aura Communication Manager 4.0 Avaya Aura Application Enablement Services 5.2.1 Avaya Aura Application Enablement Services 6.1.1 Avaya Aura Application Enablement Services 6.1 Avaya Aura Application Enablement Services 5.2.3 Avaya Aura Application Enablement Services 5.2.2 Avaya Aura Application Enablement Services 5.2 Apple Mac Os X Server 10.7.3 Apple Mac Os X Server 10.7.2 Apple Mac Os X Server 10.7.1 Apple Mac Os X Server 10.7 Apple Mac Os X 10.7.3 Apple Mac Os X 10.7.2 Apple Mac Os X 10.7.1 |
| Not Vulnerable: |
PHP PHP 5.3.9 HP HP-UX Web Server Suite 3.22 Apple Mac Os X Server 10.7.4 Apple Mac Os X 10.7.4 |
Discussion
PHP Web Form Hash Collision Denial Of Service Vulnerability
PHP is prone to a denial-of-service vulnerability.
An attacker can exploit this issue by sending a small number of specially crafted webform form posts to an affected application.
Successful exploits will attackers to disrupt the availability of sites that use PHP.
PHP 5.3.8 and prior versions are vulnerable.
PHP is prone to a denial-of-service vulnerability.
An attacker can exploit this issue by sending a small number of specially crafted webform form posts to an affected application.
Successful exploits will attackers to disrupt the availability of sites that use PHP.
PHP 5.3.8 and prior versions are vulnerable.
Exploit / POC
PHP Web Form Hash Collision Denial Of Service Vulnerability
An attacker can use readily available tools to exploit this issue.
The following exploits are available:
An attacker can use readily available tools to exploit this issue.
The following exploits are available:
Solution / Fix
PHP Web Form Hash Collision Denial Of Service Vulnerability
Solution:
Updates are available. Please see the references for more information.
Apple Mac OS X 10.7.2
Apple Mac OS X Server 10.7.2
Apple Mac OS X 10.7.3
MandrakeSoft Enterprise Server 5
Solution:
Updates are available. Please see the references for more information.
Apple Mac OS X 10.7.2
-
Apple MacOSXUpdCombo10.7.4.dmg
For OS X Lion v10.7 and v10.7.2
http://www.apple.com/support/downloads/
Apple Mac OS X Server 10.7.2
-
Apple MacOSXServerUpdCombo10.7.4.dmg
For OS X Lion Server v10.7 and v10.7.2
http://www.apple.com/support/downloads/
Apple Mac OS X 10.7.3
-
Apple MacOSXUpd10.7.4.dmg
For OS X Lion v10.7.3
http://www.apple.com/support/downloads/
MandrakeSoft Enterprise Server 5
-
Mandriva apache-mod_php-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libmbfl-devel-1.1.0-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libmbfl1-1.1.0-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libming-devel-0.4.4-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libming1-0.4.4-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libmonetra-devel-7.0.4-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libmonetra7-7.0.4-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libphp5_common5-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libsphinxclient-devel-0.9.9-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libsphinxclient0-0.9.9-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libstemmer-devel-0-5.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libstemmer0-0-5.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libxmlrpc-epi-devel-0.54-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libxmlrpc-epi0-0.54-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libyaz-devel-3.0.48-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libyaz3-3.0.48-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva ming-utils-0.4.4-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva perl-SWF-0.4.4-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-apc-3.1.10-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-apc-admin-3.1.10-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-bcmath-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-bz2-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-calendar-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-cgi-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-cli-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-ctype-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-curl-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-dba-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-dbx-1.1.0-30.2mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-devel-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-dio-0.0.5-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-doc-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-dom-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-eaccelerator-0.9.6.1-0.6mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-eaccelerator-admin-0.9.6.1-0.6mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-enchant-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-exif-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-fam-5.0.1-3.6mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-fileinfo-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-filepro-5.1.6-13.6mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-filter-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-fpm-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-ftp-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-gd-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-gettext-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-gmp-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-gtk2-2.0.1-2.2mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-hash-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-iconv-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-imagick-3.0.1-0.2mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-imap-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-ini-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-intl-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-json-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-ldap-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-mailparse-2.1.6-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-mbstring-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-mcal-0.6-23.6mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-mcrypt-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-mcve-7.0.3-0.2mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-mdbtools-1.0.0-4.2mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-memcache-3.0.6-0.2mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-ming-5.2.10-0.2mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-mssql-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-mysql-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-mysqli-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-mysqlnd-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-odbc-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-openssl-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-optimizer-0.1-0.alpha2.0.2mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-pcntl-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-pdo-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-pdo_dblib-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-pdo_mysql-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-pdo_odbc-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-pdo_pgsql-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-pdo_sqlite-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-perl-1.0.0-32.2mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-pgsql-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-phar-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-posix-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-pspell-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-radius-1.2.5-7.2mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-readline-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-recode-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-sasl-0.1.0-21.6mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-session-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-shmop-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-snmp-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-soap-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-sockets-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-sphinx-1.2.0-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-sqlite-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-sqlite3-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-ssh2-0.11.3-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-suhosin-0.9.33-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-sybase_ct-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-sysvmsg-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-sysvsem-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-sysvshm-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-tclink-3.4.5-0.2mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-tidy-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-timezonedb-2012.3-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-tokenizer-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-translit-0.6.1-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-vld-0.11.1-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-wddx-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-xattr-1.1.0-2.6mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-xcache-1.3.2-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-xcache-admin-1.3.2-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-xdebug-2.1.4-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-xml-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-xmlreader-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-xmlrpc-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-xmlwriter-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-xsl-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-yaz-1.1.1-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-zip-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-zlib-5.3.13-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva python-SWF-0.4.4-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva sphinx-0.9.9-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva stemwords-0-5.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva yaz-3.0.48-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/
References
PHP Web Form Hash Collision Denial Of Service Vulnerability
References:
References:
- #2011-003 multiple implementations denial-of-service via hash algorithm collisio (oCert)
- n.runs-SA-2011.004 28-Dec-2011 (n.run AG)
- PHP 5.3.9 Released! (PHP)
- PHP Homepage (PHP)
- PSA-2012-001 - Hash DOS attack prevention with Suhosin needs a .htaccess edit (Drupal)
- 2014-11 Security Bulletin: CTPView: Multiple Security vulnerabilities resolved b (Juniper)
- ASA-2012-068 php security update (RHSA-2012-0071) (Avaya)
- ASA-2012-119:php security update (RHSA-2012-0033) (Avaya)
- HPSBMU02786 SSRT100877 rev.1 - HP System Management Homepage (SMH) Running on Li (HP)
- Oracle Critical Patch Update Advisory - July 2012 (Oracle)
- php53 and php security update (RHSA-2012-0019) (Avaya)
- sol13588: PHP vulnerability CVE-2011-4885 (F5)
- Turbolinux Security Advisory TLSA-2012-14 (Turbolinux)