SynopsisAn application installed on the remote host is affected by an information disclosure vulnerability.
DescriptionAccording to its banner, the version of PHP running on the remote web server is 7.3.x prior to 7.3.2. It is, therefore, affected by:
- An out-of-bounds read error exists in the dns_get_record function due to improper parsing of DNS responses. An unauthenticated, remote attacker can exploit this, via a specially crafted DNS reply, to disclose memory contents.
SolutionUpgrade to PHP version 7.3.2 or later.