PT-2005-4751 · Php · Php Web Statistik
Ascii +1 · Published 2005-12-05 · Updated 2017-07-20 · CVE-2005-4015
CVSS v2.0: 5.0 (Medium)
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
PHP Web Statistik version 1.4
Description
The issue allows remote attackers to fill the log files by sending a large number of requests, due to the lack of log database rotation and unlimited size of the referer field. This can be demonstrated using pixel.php.
Recommendations
For PHP Web Statistik version 1.4, consider implementing log rotation and limiting the size of the referer field to prevent log files from being filled by a large number of requests. As a temporary workaround, restrict access to the log files to minimize the risk of exploitation.
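One way to apply both recommendations in a PHP request logger, as an added example that is not PHP Web Statistik's own code. The function names, log path, log line format and limits are all assumptions.

```php
<?php
// Hypothetical hardened hit logger. Names, path and limits are assumptions,
// not taken from PHP Web Statistik.
const LOG_FILE      = __DIR__ . '/stat.log'; // assumed log location
const MAX_REFERER   = 255;                   // cap on stored Referer bytes
const MAX_LOG_BYTES = 5 * 1024 * 1024;       // rotate once the file reaches 5 MiB
const KEEP_ROTATED  = 3;                     // rotated generations to keep

// Strip control characters (no forged log lines, no stray tabs) and cap length.
function clean_field(string $value, int $max): string
{
    $value = preg_replace('/[\x00-\x1F\x7F]/', '', $value) ?? '';
    return substr($value, 0, $max);
}

// Shift stat.log -> stat.log.1 -> stat.log.2 ... and drop the oldest generation.
function rotate_log(string $file, int $keep): void
{
    @unlink("$file.$keep");
    for ($i = $keep - 1; $i >= 1; $i--) {
        if (is_file("$file.$i")) {
            rename("$file.$i", "$file." . ($i + 1));
        }
    }
    rename($file, "$file.1");
}

// Append one hit; call this from the tracking script instead of a raw write.
function log_hit(string $file = LOG_FILE): void
{
    $line = implode("\t", [
        date('c'),
        clean_field($_SERVER['REMOTE_ADDR'] ?? '-', 45),
        clean_field($_SERVER['HTTP_REFERER'] ?? '-', MAX_REFERER),
    ]) . "\n";

    // Serialize the size check, rotation and append across concurrent requests.
    $lock = fopen("$file.lock", 'c');
    if ($lock === false || !flock($lock, LOCK_EX)) {
        return; // skip this hit rather than write without the lock
    }
    clearstatcache(true, $file);
    if (is_file($file) && filesize($file) >= MAX_LOG_BYTES) {
        rotate_log($file, KEEP_ROTATED);
    }
    file_put_contents($file, $line, FILE_APPEND);
    flock($lock, LOCK_UN);
    fclose($lock);
}
```

With these limits the log set stays at roughly (KEEP_ROTATED + 1) × MAX_LOG_BYTES on disk, however many requests arrive or however long their Referer headers are.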
Related identifiers
Affected products
Php Web Statistik