PHP 5.3.9 'php_register_variable_ex()' Code Execution
Synopsis :
The remote web server uses a version of PHP that is affected by a
code execution vulnerability.
Description :
According to its banner, the version of PHP installed on the remote
host is 5.3.9. This version reportedly is affected by a code
execution vulnerability.
Specifically, the fix for the hash collision denial of service
vulnerability (CVE-2011-4885) itself has introduced a remote code
execution vulnerability in the function 'php_register_variable_ex()' in
the file 'php_variables.c'. A new configuration variable,
'max_input_vars', was added as a part of the fix. If the number of
input variables exceeds this value and the variable being processed is
an array, code execution can occur.
See also :
only registered users with at least 25 hack challenge points can see links: click here in order to visit the hack challengeshttps://gist.github.com/1725489
only registered users with at least 25 hack challenge points can see links: click here in order to visit the hack challengeshttp://www.php.net/ChangeLog-5.php#5.3.10
only registered users with at least 25 hack challenge points can see links: click here in order to visit the hack challengeshttp://www.nessus.org/u?d1ee2de8
only registered users with at least 25 hack challenge points can see links: click here in order to visit the hack challengeshttp://svn.php.net/viewvc?view=revision&revision=323007
Solution :
Upgrade to PHP version 5.3.10 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
original thread: only registered users with at least 25 hack challenge points can see links: click here in order to visit the hack challengeshttp://www.nessus.org/plugins/index.php?view=single&id=57825
