PHP 7.0.x < 7.0.17 / 7.1.x < 7.1.3 DoS
Medium Nessus Network Monitor Plugin ID 700087
SynopsisThe remote web server uses a version of PHP that is affected by a Denial of Service (Dos) attack vector.
DescriptionVersions of PHP 7.0.x prior to 7.0.17 and 7.1.x prior to 7.1.3 are affected by an error related to handling HTTP POST requests when configured with a large 'post_max_size' that allows DoS attacks via CPU resource exhaustion.
SolutionUpgrade to PHP version 7.1.3. If 7.1.x cannot be obtained, 7.0.17 has also been patched for this vulnerability.