Vendor: GeSHi
By: SecurityFocus
CVSS: 7.5 (HIGH)
Remote Denial-of-Service
CWE: 400
Product Name: GeSHi
Affected Version From: Prior to 1.0.8
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: PHP
2008

GeSHi Remote Denial-of-Service Vulnerability

Remote attackers can exploit this issue to cause the vulnerable application to enter an infinite loop, consuming excessive resources. An example exploit is available which creates a string of 1000 'A's and passes it to the GeSHi class.

Mitigation:

Upgrade to version 1.0.8 or later.
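
As an added example (not part of the advisory or of GeSHi itself), the following Python script inventories bundled GeSHi copies under a web root and flags those older than the fixed 1.0.8 release. It assumes each copy declares its version through a define('GESHI_VERSION', ...) line in geshi.php; the directory names and sample files are constructed for the demonstration.

```python
import re
import tempfile
from pathlib import Path

FIXED = (1, 0, 8)  # first fixed release named in the advisory
# Assumption: geshi.php declares its release as define('GESHI_VERSION', 'x.y.z[.n]');
VERSION_RE = re.compile(
    r"""define\(\s*['"]GESHI_VERSION['"]\s*,\s*['"](\d+(?:\.\d+)*)['"]""")

def parse_version(php_source):
    """Return the declared version as a tuple of ints, or None if not found."""
    m = VERSION_RE.search(php_source)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def is_affected(version):
    """True for releases older than 1.0.8; 1.0.8 and 1.0.8.x count as fixed."""
    padded = tuple(version) + (0,) * (3 - len(version))
    return padded[:3] < FIXED

def audit(root):
    """Find every geshi.php under root; return (relative path, version, status)."""
    findings = []
    for path in Path(root).rglob("*"):
        if not path.is_file() or path.name.lower() != "geshi.php":
            continue
        version = parse_version(path.read_text(encoding="utf-8", errors="replace"))
        status = ("unknown" if version is None
                  else "affected" if is_affected(version) else "fixed")
        findings.append((path.relative_to(root).as_posix(), version, status))
    return sorted(findings)

def demo():
    """Audit a constructed tree holding three bundled copies (sample data)."""
    samples = {
        "wiki/inc/geshi.php": "<?php\ndefine('GESHI_VERSION', '1.0.7.22');\n",
        "forum/lib/geshi.php": "<?php\ndefine('GESHI_VERSION', '1.0.8.11');\n",
        "old/geshi.php": "<?php\n// version line stripped by a packager\n",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, body in samples.items():
            target = Path(root, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(body, encoding="utf-8")
        return audit(root)

if __name__ == "__main__":
    for rel, version, status in demo():
        print(f"{status:9} {rel} {version}")
```

Copies reported as "unknown" carry no version line and need manual inspection before they can be treated as fixed.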

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/32377/info

GeSHi is prone to a remote denial-of-service vulnerability.

Remote attackers can exploit this issue to cause the vulnerable application to enter an infinite loop, consuming excessive resources.

This issue affects versions prior to GeSHi 1.0.8. 

The following example exploit is available:

<