LDAP: PHP LDAP Denial of Service

This signature detects attempts to exploit a known vulnerability in PHP. Successful exploitation of this vulnerability could lead to denial of service.

Extended Description

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value.

Affected Products

Php php

Short Name
LDAP:PHP-LDAP-DOS
Severity
Major
Recommended
True
Recommended Action
Drop
Category
LDAP
Keywords
CVE-2018-10548 Denial LDAP PHP Service of
Release Date
06/11/2018
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3590
False Positive
Unknown
Vendors

Php

Netapp

Debian

Canonical

CVSS Score

5.0

Found a potential security threat?