Vulnerabilities > CVE-2002-2309 - Resource Management Errors vulnerability in PHP

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

php

CWE-399

exploit available

NVD

Published: 2002-12-31

Updated: 2008-09-05

Summary

php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows remote attackers to cause a denial of service via a direct request without arguments.

Vulnerable Configurations

Part	Description	Count
Application	Php PHP PHP 3.0.1 PHP PHP 3.0.2 PHP PHP 3.0.3 PHP PHP 3.0.4 PHP PHP 3.0.5 PHP PHP 3.0.6 PHP PHP 3.0.7 PHP PHP 3.0.8 PHP PHP 3.0.9 PHP PHP 3.0.10 PHP PHP 3.0.11 PHP PHP 3.0.12 PHP PHP 3.0.13 PHP PHP 3.0.14 PHP PHP 3.0.15 PHP PHP 3.0.16 PHP PHP 3.0.17 PHP PHP 3.0.18 PHP PHP 4.0 PHP PHP 4.0.1 PHP PHP 4.0.2 PHP PHP 4.0.3 PHP PHP 4.0.4 PHP PHP 4.0.5 PHP PHP 4.0.6 PHP PHP 4.0.7 PHP PHP 4.1.0 PHP PHP 4.1.1 PHP PHP 4.1.2 PHP PHP 4.2.0 PHP PHP 4.2.1 PHP PHP 4.2.2	38

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Exploit-Db

description	PHP Interpreter 3.0.x/4.0.x/4.1/4.2 Direct Invocation Denial Of Service. CVE-2002-2309. Dos exploit for unix platform
id	EDB-ID:21632
last seen	2016-02-02
modified	2002-07-22
published	2002-07-22
reporter	Matthew Murphy
source	https://www.exploit-db.com/download/21632/
title	PHP Interpreter 3.0.x/4.0.x/4.1/4.2 Direct Invocation Denial of Service

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

References