Full Disclosure mailing list archives
Re: PHP "multipart/form-data" denial of service
From: Moritz Naumann <security () moritz-naumann com>
Date: Tue, 24 Nov 2009 22:40:07 +0100
Bogdan Calin wrote:
Description ------------ PHP version 5.3.1 was just released. This release contains a patch for a denial of service condition we've reported on 27 October 2009. The problem is related with PHP's handling of RFC 1867 (Form-based File Upload in HTML).
Thanks for the good description and test results, Bogdan.
Proof of concept ----------------- I'm not going to publish the proof of concept Python script. If you have a valid reason why you would need the proof of concept, you can contact me at this email address (bogdan [at] acunetix.com).
Someone has apparently written one in bash: http://www.paste-it.com/view/77958658 If testing for IT security issues wasn't practically illegalized in Germany I might even have done it myself. This script wasn't so effective when I tested it here, but it did work after I spawned a couple processes. It takes it quite a while to prepare the requests, though, and without the randomization stuff and with
=python this could probably be done much faster.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- PHP "multipart/form-data" denial of service Bogdan Calin (Nov 20)
- Re: PHP "multipart/form-data" denial of service Moritz Naumann (Nov 24)
- Re: PHP "multipart/form-data" denial of service Bogdan Calin (Nov 25)
- Re: PHP "multipart/form-data" denial of service Moritz Naumann (Nov 24)