PHPIDS ReDoS Filters Security Bypass Vulnerability
BID:51277
Info
PHPIDS ReDoS Filters Security Bypass Vulnerability
| Bugtraq ID: | 51277 |
| Class: | Access Validation Error |
| CVE: |
CVE-2011-5021 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 05 2012 12:00AM |
| Updated: | Sep 10 2014 12:05AM |
| Credit: | Sitewatch |
| Vulnerable: |
PHPIDS PHPIDS 0.6.5 |
| Not Vulnerable: |
PHPIDS PHPIDS 0.7 |
Discussion
PHPIDS ReDoS Filters Security Bypass Vulnerability
PHPIDS is prone to a security-bypass vulnerability.
Attackers can exploit this issue to bypass certain security restrictions and add PHP sequences to a file through unspecified vectors.
PHPIDS 0.6.5 is vulnerable; other versions may also be affected.
PHPIDS is prone to a security-bypass vulnerability.
Attackers can exploit this issue to bypass certain security restrictions and add PHP sequences to a file through unspecified vectors.
PHPIDS 0.6.5 is vulnerable; other versions may also be affected.
Exploit / POC
PHPIDS ReDoS Filters Security Bypass Vulnerability
Currently we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
PHPIDS ReDoS Filters Security Bypass Vulnerability
Solution:
Vendor updates are available. Please see the references for more information.
Solution:
Vendor updates are available. Please see the references for more information.
References
PHPIDS ReDoS Filters Security Bypass Vulnerability
References:
References:
- PHPIDS Homepage (PHPIDS)
- Complete Ruleset Bypass in PHPIDS 0.6.5 (Sitewatch)