|Category:||Denial of Service|
|Title:||PHP 'mbstring.func_overload' DoS Vulnerability|
|Summary:||Check for the version of PHP|
The host is running PHP and is prone to denial of service vulnerability.
This bug is due to an error in 'mbstring.func_overload' setting in .htaccess
file. It can be exploited via modifying behavior of other sites hosted on
the same web server which causes this setting to be applied to other virtual
hosts on the same server.
Successful exploitation will let the local attackers to crash an affected web
Impact Level: Application
PHP version 4.4.4 and prior
PHP 5.1.x to 5.1.6
PHP 5.2.x to 5.2.5
Fix: No solution or patch is available as of 17th March, 2009. Information
regarding this issue will be updated once the solution details are available.
For updates refer to http://www.php.net
BugTraq ID: 33542|
Common Vulnerability Exposure (CVE) ID: CVE-2009-0754
Debian Security Information: DSA-1789 (Google Search)
SuSE Security Announcement: SUSE-SR:2009:008 (Google Search)
|Copyright||Copyright (C) 2009 Greenbone Networks GmbH|
|This is only one of 58880 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.