PHP 5.5.x < 5.5.19 'donote' DoS
Medium Nessus Plugin ID 79247
SynopsisThe remote web server uses a version of PHP that is affected by a denial of service vulnerability.
DescriptionAccording to its banner, the version of PHP 5.5.x installed on the remote host is prior to 5.5.19. It is, therefore, affected by an out-of-bounds read error in the function 'donote' within the file 'ext/fileinfo/libmagic/readelf.c' that could allow application crashes.
Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.
SolutionUpgrade to PHP version 5.5.19 or later.