Summary
This host is running PHP Built-in WebServer and is prone to denial of service vulnerability.
Impact
Successful exploitation may allow remote attackers to cause the application to crash, creating a denial-of-service condition.
Impact Level: Application
NOTE: This NVT reports, If similar vulnerability present in different web-server.
Solution
Upgrade to PHP 5.4.1RC1-DEV or 5.5.0-DEV or later.
For updates refer to http://php.net/downloads.php
Insight
The flaw is due to an error when processing HTTP request with a large 'Content-Length' header value and can be exploited to cause a denial of service via a specially crafted packet.
Affected
PHP version 5.4.0
References
Severity
Classification
-
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C
Related Vulnerabilities
- JBoss Application Server Multiple Vulnerabilities
- Xerver HTTP Server Web Administration Denial of Service Vulnerability
- CoreHTTP 'src/http.c ' Buffer Overflow Vulnerability
- Microsoft Windows Media Services ISAPI Extension Code Execution Vulnerabilities
- Media Player Classic (MPC) Webserver Multiple Vulnerabilities