SynopsisPHP 7.3.x < 7.3.2 Information Disclosure
DescriptionAccording to its banner, the version of PHP running on the remote web server is 7.3.x prior to 7.3.2. It is, therefore, affected by an out-of-bounds read error exists in the dns_get_record function due to improper parsing of DNS responses. An unauthenticated, remote attacker can exploit this, via a specially crafted DNS reply, to disclose memory contents.
Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.
SolutionUpgrade to PHP version 7.3.2 or later.