PHP HTTP POST incorrect MIME header parsing vulnerability

Description
  • <div class="bb-coolbox"><span class="bb-dark">This alert was generated using only banner information. It may be a false positive. </span></div><br/>A vulnerability has been reported for PHP versions 4.2.0 and 4.2.1.The vulnerability is the result of the PHP interpreter incorrectly parsing MIME headers when HTTP POST commands are received. When PHP receives a malformed POST request, it generates an error condition that is improperly handled. As a result, the attacker may cause the web server to crash and possibly execute supplied code. <br/><br/><span class="bb-navy">Affected PHP versions (4.2.0, 4.2.1).</span><br/>
Remediation
  • Upgrade PHP to the latest version.
References