Remote Denial-of-Service Vulnerability in PHP - exploit.company

vendor:

PHP

by:

Unknown

7.5

CVSS

HIGH

Remote Denial-of-Service

400

CWE

Product Name: PHP

Affected Version From: PHP 5.3.8

Affected Version To: Unknown

Patch Exists: YES

Related CWE: CVE-2011-1398

CPE: a:php:php

Metasploit: https://www.rapid7.com/db/vulnerabilities/php-cve-2012-4388/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2012-4388/, https://www.rapid7.com/db/vulnerabilities/freebsd-vid-918f38cd-f71e-11e1-8bd8-0022156e8794/, https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2011-1398/, https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2011-1398/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2011-1398/, https://www.rapid7.com/db/vulnerabilities/php-cve-2011-1398/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2013-1814/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2013-1307/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2013-0514/

Other Scripts:

Platforms Tested:

2012

Remote Denial-of-Service Vulnerability in PHP

An attacker can exploit this issue to cause the web server to crash, denying service to legitimate users.

Mitigation:

Upgrade to a patched version of PHP.

Source

Exploit-DB raw data: