HTTP: PHP memory_limit Arbitrary Code Execution
This signature detects attempts to exploit a known vulnerability against PHP. A successful attack can lead to arbitrary code execution.
Extended Description
PHP modules compiled with memory_limit support are affected by a remote code-execution vulnerability. This issue occurs because the PHP module fails to properly handle memory_limit request termination. An attacker can leverage this issue by exploiting the Apache ap_escape_html Memory Allocation Denial Of Service Vulnerability (BID 10619). The attacker can cause premature termination during critical code execution. Note that although the Apache vulnerability is the only known attack vector, there may be other attack vectors that are currently unknown. Attackers can exploit this issue to execute arbitrary code on an affected computer within the context of the vulnerable application, facilitating unauthorized access.
Affected Products
Avaya s8700,Apple mac_os_x
Short Name
HTTP:PHP:MEMORY-LIMIT-CE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Arbitrary CVE-2004-0594 Code Execution PHP bid:10725 memory_limit
Release Date
07/01/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Red_hat
Apple
Trustix
Hp
Avaya
Mandriva
Php
Debian
CVSS Score
5.1