PT-2005-4751 · Php · Php Web Statistik

Ascii +1 · Published 2005-12-05 · Updated 2017-07-20 · CVE-2005-4015

CVSS v2.0

5.0 Medium

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

PHP Web Statistik version 1.4

Description

The issue allows remote attackers to fill the log files by sending a large number of requests, because the log database is not rotated and the size of the referer field is unlimited. This can be demonstrated using pixel.php.

Recommendations

For PHP Web Statistik version 1.4, consider implementing log rotation and limiting the size of the referer field to prevent log files from being filled by a large number of requests. As a temporary workaround, restrict access to the log files to minimize the risk of exploitation.
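
One way to apply both recommendations (a capped referer field and size-based rotation) in a PHP hit logger. This is an added example, not PHP Web Statistik's own code; the function names, log path, and limits are assumptions.

```php
<?php
// Added example: hypothetical bounded hit logger, not PHP Web Statistik code.
// The limits and file names below are assumptions chosen for illustration.
const MAX_REFERER_BYTES = 512;             // cap on the stored referer field
const MAX_LOG_BYTES     = 5 * 1024 * 1024; // rotate once the log reaches 5 MiB
const MAX_ROTATED_FILES = 4;               // keep .1 to .4, older data is dropped

function sanitize_referer(string $raw): string
{
    // Strip control bytes (including CR/LF, which could forge log lines),
    // then truncate so one request can only add a bounded number of bytes.
    $clean = preg_replace('/[\x00-\x1F\x7F]/', '', $raw) ?? '';
    return substr($clean, 0, MAX_REFERER_BYTES);
}

function rotate_if_needed(string $logFile): void
{
    clearstatcache(true, $logFile);
    if (!is_file($logFile) || filesize($logFile) < MAX_LOG_BYTES) {
        return;
    }
    // Shift .3 -> .4, .2 -> .3, and so on; the oldest file is overwritten.
    for ($i = MAX_ROTATED_FILES - 1; $i >= 1; $i--) {
        if (is_file("$logFile.$i")) {
            rename("$logFile.$i", "$logFile." . ($i + 1));
        }
    }
    rename($logFile, "$logFile.1");
}

function log_hit(string $logFile, string $ip, string $referer): void
{
    // Serialize writers on a sidecar lock file so rotation cannot race appends.
    $lock = fopen("$logFile.lock", 'c');
    if ($lock === false) {
        return; // skip logging rather than write without the size check
    }
    if (flock($lock, LOCK_EX)) {
        rotate_if_needed($logFile);
        $line = sprintf("%s\t%s\t%s\n", date('c'), $ip, sanitize_referer($referer));
        file_put_contents($logFile, $line, FILE_APPEND);
        flock($lock, LOCK_UN);
    }
    fclose($lock);
}

// Constructed usage: a tracking-pixel endpoint would call this once per request.
log_hit(sys_get_temp_dir() . '/hits.log',
        $_SERVER['REMOTE_ADDR'] ?? '-',
        $_SERVER['HTTP_REFERER'] ?? '');
```

With these settings the log set cannot grow much beyond (MAX_ROTATED_FILES + 1) × MAX_LOG_BYTES on disk, regardless of how many requests arrive or how long their referer headers are.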

Fix


Related Identifiers

CVE-2005-4015

Affected Products

Php Web Statistik