Lucene search

K
nessusThis script is Copyright (C) 2012-2024 and is owned by Tenable, Inc. or an Affiliate thereof.PHP_5_HASH_COLLISION_DOS.NBIN
HistoryJan 16, 2012 - 12:00 a.m.

PHP Version 5 Hash Collision Form Parameter Parsing Remote DoS

2012-01-1600:00:00
This script is Copyright (C) 2012-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
28

The remote web server uses a version of PHP that is affected by a hash collision denial of service. A flaw exists in the way PHP generates hash tables for user-supplied values. By sending a small number of specially crafted POST requests to a web server that uses PHP, an attacker can take advantage of this flaw to cause a denial of service condition.

Note that this plugin only tests PHP version 5, and it only runs if ‘Report paranoia’ is set to ‘Paranoid’ and the ‘Perform thorough tests’ setting is enabled.

Binary data php_5_hash_collision_dos.nbin
VendorProductVersionCPE
phpphpcpe:/a:php:php