PHP Denial of Service Vulnerability

Published On: Dec 06, 2018 13:21

Advisory No: TZCERT/SA/2018/12/05

Source: PHP, CISCO

Software Affected: PHP versions 5.x through 7.1.24

Overview

A vulnerability has been discovered in PHP (Hypertext Preprocessor) that allows a remote attacker to cause a denial of service (DoS) condition on the affected system.

Description

The files ext/standard/var.c and ext/standard/var_unserializer.c in PHP are susceptible to a Denial of Service (DoS) condition caused by a NULL pointer dereference. A remote, unauthenticated attacker can trigger it either by causing unserialize() (ext/standard/var_unserializer.c) to be called on data that names the “com”, “dotnet” or “variant” class, or by sending a specially crafted request containing malicious input to the affected PHP software. The “com”, “dotnet” and “variant” classes are provided by PHP's COM/.NET extension (ext/com_dotnet), which exists only in Windows builds, so the unserialize path is reachable only where that extension is loaded.

Impact

Successful exploitation allows an attacker to trigger a NULL pointer dereference that crashes the PHP process, resulting in a DoS condition for users of the affected PHP software.

Solution

Users and system administrators are advised to update the affected PHP installations to the latest (fixed) version and to implement the following security measures:

  1. Run firewall and antivirus applications to minimize the potential of inbound and outbound threats.
  2. Implement IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.
  3. Implement a strong firewall policy and monitor the affected systems.
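Added example (mine, not from the TZ-CERT advisory or the PHP project): where an application must unserialize data it does not fully trust, the allowed_classes option of unserialize() (PHP 7.0 and later) keeps the class-specific handlers for “com”, “dotnet” and “variant” that the Description section identifies from ever being reached, because objects of any class not on the allow list are decoded as __PHP_Incomplete_Class stubs rather than instantiated. The wrapper, its function names and the sample payloads below are constructed for illustration; the wrapper refuses outright on PHP older than 7.0, where the option does not exist. This reduces exposure on a build that cannot be patched immediately but is not a substitute for updating.

```php
<?php
// Added example, not code from the TZ-CERT advisory or from the PHP project.
// Shows the shape of input the advisory describes (a serialized object whose
// class name is "com", "dotnet" or "variant") and a hardened unserialize
// wrapper that never instantiates a class the caller did not explicitly allow.
// Assumes PHP 7.0+ for the allowed_classes option.
declare(strict_types=1);

/**
 * Unserialize untrusted input without instantiating arbitrary classes.
 * Objects of classes not listed in $allowed come back as __PHP_Incomplete_Class
 * stubs, so their class-specific unserialize handlers are never invoked.
 *
 * @param string   $data    untrusted serialized payload
 * @param string[] $allowed class names that may be instantiated (default: none)
 * @return mixed            the decoded value
 * @throws RuntimeException         on PHP < 7.0 (no allowed_classes support)
 * @throws InvalidArgumentException on malformed data or a disallowed class
 */
function safe_unserialize(string $data, array $allowed = [])
{
    if (PHP_VERSION_ID < 70000) {
        // Without allowed_classes there is no safe way to decode this input.
        throw new RuntimeException('PHP < 7.0 lacks allowed_classes; refusing to unserialize untrusted data');
    }
    // An empty allow list means "no classes at all", the same as false.
    $value = unserialize($data, ['allowed_classes' => $allowed]);
    if ($value === false && $data !== serialize(false)) {
        throw new InvalidArgumentException('malformed serialized data');
    }
    if (contains_incomplete_class($value)) {
        throw new InvalidArgumentException('payload references a class that is not allowed');
    }
    return $value;
}

/** Recursively look for __PHP_Incomplete_Class stubs in a decoded value. */
function contains_incomplete_class($value): bool
{
    if ($value instanceof __PHP_Incomplete_Class) {
        return true;
    }
    if (is_array($value)) {
        foreach ($value as $item) {
            if (contains_incomplete_class($item)) {
                return true;
            }
        }
    } elseif (is_object($value)) {
        // The array cast exposes private and protected properties too.
        foreach ((array) $value as $prop) {
            if (contains_incomplete_class($prop)) {
                return true;
            }
        }
    }
    return false;
}

// Constructed sample inputs (not captured from a real attack). The last three
// have the shape the advisory describes: an object naming the "com",
// "variant" or "dotnet" class. On an affected Windows build with the COM
// extension loaded, handing them straight to unserialize() is what reaches the
// NULL pointer dereference; here the class is never looked up, so they are
// rejected instead.
$samples = [
    'benign array'   => serialize(['user' => 'alice', 'roles' => ['admin']]),
    'com object'     => 'O:3:"com":0:{}',
    'variant object' => 'O:7:"variant":0:{}',
    'nested dotnet'  => 'a:1:{s:1:"x";O:6:"dotnet":0:{}}',
];

foreach ($samples as $label => $payload) {
    try {
        $decoded = safe_unserialize($payload);
        printf("%-15s accepted: %s\n", $label, var_export($decoded, true));
    } catch (Exception $e) {
        printf("%-15s rejected: %s\n", $label, $e->getMessage());
    }
}
```

Run it from the command line with the PHP CLI (for example `php safe_unserialize.php`, the file name being an assumption): the benign array is accepted and the three object payloads are rejected before any class handler runs. If the application genuinely needs to rebuild objects of its own classes from serialized data, pass those class names in `$allowed` rather than widening the option to `true`.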
References

  1. https://tools.cisco.com/security/center/viewAlert.x?alertId=59180
  2. https://tools.cisco.com/security/center/viewAlert.x?alertId=59181
  3. https://www.securityfocus.com/bid/105989
