PHP 'mbstring.func_overload' DoS Vulnerability Network Vulnerability

Summary

The host is running PHP and is prone to denial of service vulnerability.

Impact

Successful exploitation will let the local attackers to crash an affected web server. Impact Level: Application

Solution

Apply patch from below link, http://php.net

Insight

This bug is due to an error in 'mbstring.func_overload' setting in .htaccess file. It can be exploited via modifying behavior of other sites hosted on the same web server which causes this setting to be applied to other virtual hosts on the same server.

Affected

PHP version 4.4.4 and prior PHP 5.1.x to 5.1.6 PHP 5.2.x to 5.2.5

References

http://bugs.php.net/bug.php?id=27421
https://bugzilla.redhat.com/show_bug.cgi?id=479272

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-0754
CVSS Base Score: 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N

Related Vulnerabilities

TYPSoft FTP Server 'APPE' and 'DELE' Commands DOS Vulnerability
Sun VirtualBox or xVM VirtualBox Denial Of Service Vulnerability (Linux)
Oracle VM VirtualBox Unspecified Denial of Service Vulnerability (Windows)
Wireshark SMB dissector Denial of Service Vulnerability (Windows)
Squid Proxy Cache ICAP Adaptation Denial of Service Vulnerability

Take action and discover your vulnerabilities