Lucene search
RootSSV:30001HistoryJan 01, 2012 - 12:00 a.m.
PHP Web表单哈希冲突拒绝服务漏洞
2012-01-0100:00:00
Root
www.seebug.org
68
0.875 High
EPSS
Percentile
98.3%
BUGTRAQ ID: 51193
CVE ID: CVE-2011-4885
PHP 5.3.9之前版本在计算表单参数哈希值的实现上没有提前限制哈希冲突,存在拒绝服务漏洞,通过发送小量的特制webform表单张贴到受影响应用程序,攻击者可利用此漏洞导致使用PHP的站点失去响应正常请求的能力
0
PHP 5.x
厂商补丁:
PHP
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Related
nessus
nessus
F5 Networks BIG-IP : PHP vulnerability (K13588)
2014-10-10 00:00:00
PHP < 5.3.10 php_register_variable_ex() RCE
2012-02-06 00:00:00
PHP 5.3.9 php_register_variable_ex() Code Execution
2012-02-06 00:00:00
checkpoint_advisories
checkpoint_advisories
PHP5 Hash Collision Denial Of Service - Ver2 (CVE-2011-4885)
2014-03-03 00:00:00
packetstorm
packetstorm
PHP 5.3.x Hashtables Proof Of Concept
2012-01-01 00:00:00
PHP 5.3.x Hash Collision Proof Of Concept Code
2012-01-02 00:00:00
seebug
seebug
PHP Hashtables Denial of Service
2014-07-01 00:00:00
PHP "php_register_variable_ex()"函数任意代码执行漏洞(CVE-2012-0830)
2012-02-03 00:00:00
PHP Hash Table Collision Proof Of Concept
2014-07-01 00:00:00
prion
prion
Code injection
2011-12-30 01:55:00
Design/Logic Flaw
2012-02-06 20:55:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:06:05
Remote Code Execution (RCE)
2020-04-10 01:10:12
f5
f5
K13588 : PHP vulnerability CVE-2011-4885
2013-09-11 00:00:00
SOL13588 - PHP vulnerability CVE-2011-4885
2012-05-17 00:00:00
K13519 : Multiple PHP vulnerabilities
2013-09-20 00:00:00
exploitpack
exploitpack
PHP 5.3.8 - Hashtables Denial of Service
2012-01-01 00:00:00
PHP Hash Table Collision - Denial of Service (PoC)
2012-01-03 00:00:00
cve
cve
CVE-2011-4885
2011-12-30 01:55:00
CVE-2012-0830
2012-02-06 20:55:00
ubuntucve
ubuntucve
CVE-2011-4885
2011-12-29 00:00:00
CVE-2012-0830
2012-02-06 00:00:00
exploitdb
exploitdb
PHP 5.3.8 - Hashtables Denial of Service
2012-01-01 00:00:00
PHP Hash Table Collision - Denial of Service (PoC)
2012-01-03 00:00:00
openvas
openvas
Fedora Update for php FEDORA-2012-1301
2012-02-21 00:00:00
Fedora Update for php FEDORA-2012-1262
2012-04-02 00:00:00
FreeBSD Ports: php5
2012-02-12 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: php-5.3.10-1.fc16
2012-02-08 22:56:30
[SECURITY] Fedora 16 Update: php-eaccelerator-0.9.6.1-9.fc16.1
2012-01-19 22:00:25
[SECURITY] Fedora 16 Update: php-5.3.9-1.fc16
2012-01-19 22:00:25
freebsd
freebsd
php -- multiple vulnerabilities
2011-12-29 00:00:00
amazon
amazon
Critical: php
2012-02-02 16:10:00
Medium: php
2012-01-19 20:10:00
redhat
redhat
(RHSA-2012:0093) Critical: php security update
2012-02-02 00:00:00
(RHSA-2012:0092) Critical: php53 security update
2012-02-02 00:00:00
(RHSA-2012:0019) Moderate: php53 and php security update
2012-01-11 00:00:00
centos
centos
php, php53 security update
2012-01-11 19:19:36
php53 security update
2012-02-03 01:43:26
php security update
2012-02-03 01:41:17
oraclelinux
oraclelinux
php53 and php security update
2012-01-11 00:00:00
php security update
2012-01-30 00:00:00
php security update
2012-01-18 00:00:00
securityvulns
securityvulns
PHP security vulnerabilities
2012-02-08 00:00:00
[oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision
2012-01-02 00:00:00
[ MDVSA-2012:065 ] php
2012-05-01 00:00:00
cert
cert
Hash table implementations vulnerable to algorithmic complexity attacks
2011-12-28 00:00:00
debian
debian
[SECURITY] [DSA 2399-2] php5 regression fix
2012-01-31 15:26:47
[SECURITY] [DSA 2399-1] php5 security update
2012-01-31 07:22:58
osv
osv
php5 - several
2012-01-31 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2012-02-10 00:00:00
PHP regression
2012-02-13 00:00:00
suse
suse
Security update for PHP5 (important)
2012-03-24 03:08:28
update for php5 (important)
2012-03-29 15:08:14
Security update for PHP5 (important)
2012-04-12 23:08:15
gentoo
gentoo
PHP: Multiple vulnerabilities
2012-09-24 00:00:00
oracle
oracle
Oracle Critical Patch Update - July 2012
2012-07-17 00:00:00