Apache with mod_php on Linux, *BSD, Unix
Input validation error
Denial of Service
Captured with snort
From the Bugtraq vulnerability database:
A vulnerability has been reported for PHP versions 4.2.0 and 4.2.1. It is possible for a remote attacker to cause the PHP interpreter to crash the web server on a vulnerable system and execute malicious, attacker supplied code.
The vulnerability is the result of the PHP interpreter incorrectly parsing MIME headers when HTTP POST commands are received. When PHP receives a malformed POST request, it generates an error condition that is improperly handled. As a result, the attacker may cause the web server to crash and possibly execute supplied code.
From the Bugtraq postings: This vulnerability may be exploitable on Sparc.
POST hi.php HTTP/1.0 Referer: http://host/xxxxxx/exp.php?hi_lames=haha Connection: Keep-Alive Content-type: multipart/form-data; boundary=---------------------------135408810612827886801697150081 Content-Length: 567 -----------------------------135408810612827886801697150081 Content-Disposition: form-data; name=""