CVEs-PoC/2011/CVE-2011-4885.md at 2d745dea058dce4b2f2b4b0b4da10f1e24d40b3e

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-25 16:47:53 +02:00

Files

T

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

Description

PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.

POC

Reference

http://www.exploit-db.com/exploits/18305
http://www.ocert.org/advisories/ocert-2011-003.html
http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
http://www.redhat.com/support/errata/RHSA-2012-0019.html
https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py

Github

No PoCs found on GitHub currently.

971 B Raw Blame History

CVE-2011-4885

Description

POC

Reference

Github

971 B

Raw Blame History