There is a denial of service vulnerability in PHPMyAdmin. The vulnerability is caused by a lack of limits on recursion on arrays provided via user input. An attacker can cause a denial of service condition by passing an array of many dimensions to the server.
Exploitation
Stages
- A remote unauthenticated attacker launches a request with a high volume of arrays in the client body.
- There is no response from the server as the application has crashed.
Prerequisites
The attacker must be able to contact the target system.
Vulnerability Description
In this denial of service vulnerability in PHPMyAdmin, an attacker can cause a denial of service condition by passing an array of many dimensions to the server. This will affect the availability of data on the server. The vulnerability can be located in the file grab_globals.lib.php or common.lib.php depending on the version.
Alert Logic Coverage
Alert Logic® has evaluated its customer base for exposure to the exploit and has developed signatures for mitigating the threat depending on the security service in place.
The Network-Based Intrusion Detection System (IDS) has been updated with the new signatures for this exploit when detected via Alert Logic Threat Manager™. If this signature is detected, an incident is generated in the Alert Logic console.
Recommendations for Mitigation
In later versions of PHPmyadmin, the function in grab_globals.lib.php has been deprecated. The developers have added a recursive counter variable to ensure that recursion is limited.
Comments
0 comments
Please sign in to leave a comment.