| VID |
22338 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The Web server is running a version of PHP which has a denial of service vulnerability. PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. PHP versions 4.x prior to 4.3.11 and PHP versions 5.0.x prior to 5.0.4 are vulnerable to a denial of service attack, caused by improper validation of file data in the routines 'php_handle_iff' and 'php_handle_jpeg', which are called by the PHP function 'getimagesize()'. By sending a specially-crafted image (JPEG or IFF) to the getimagesize() PHP function, a remote attacker could cause PHP to enter into an infinite loop to consume excessive processing resources on an affected computer, leading to a denial of service condition.
* Note: This check solely relied on the banner of the remote HTTP server to assess this vulnerability, so this might be a false positive.
* References:
http://www.idefense.com/application/poi/display?id=222&type=vulnerabilities
http://secunia.com/advisories/14792/
* Platforms Affected:
PHP Group, PHP versions 4.x prior to 4.3.11
PHP Group, PHP versions 5.0.x prior to 5.0.4
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of PHP (4.3.11 or 5.0.4 or later), available from the PHP Web site at http://www.php.net/ |
| Related URL |
CVE-2005-0524,CVE-2005-0525 (CVE) |
| Related URL |
12962,12963 (SecurityFocus) |
| Related URL |
19920,19924 (ISS) |
|
