vendor:
PHP
by:
Stefan Esser
7.5
CVSS
HIGH
Resource Usage
400
CWE
Product Name: PHP
Affected Version From: PHP versions prior to 5.2.2
Affected Version To: PHP versions prior to 5.2.4
Patch Exists: YES
Related CWE: CVE-2007-2449
CPE: a:php:php
Metasploit:
https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2008-0630/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2007-0876/, https://www.rapid7.com/db/vulnerabilities/apple-osx-tomcat-cve-2007-2449/, https://www.rapid7.com/db/vulnerabilities/apache-tomcat-cve-2007-2449/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2007-2449/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2007-0569/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-CESA-2007-0569/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2008-0261/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2008-0524/
Platforms Tested:
2007
PHP hash_update_file() freed resource usage exploit
This exploit takes advantage of a vulnerability in the hash_update_file() function in PHP. By repeatedly calling the function and freeing the resource, an attacker can cause resource exhaustion and potentially crash the server.
Mitigation:
Update to a patched version of PHP that fixes the vulnerability. Limit the number of times the hash_update_file() function can be called in a single request.