Vulnerability Name:

CVE-2009-4017 (CCN-54455)

Assigned:2009-11-20
Published:2009-11-20
Updated:2018-10-10
Summary:PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (REDHAT CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2009-4017

Source: CCN
Type: HP Security Bulletin HPSBMA02568 SSRT100219
HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), HTTP Response Splitting, and Other Vulnerabilities

Source: APPLE
Type: UNKNOWN
APPLE-SA-2010-03-29-1

Source: HP
Type: UNKNOWN
HPSBUX02543

Source: MLIST
Type: UNKNOWN
[php-announce] 20091119 5.3.1 Release announcement

Source: CCN
Type: RHSA-2010-0040
Moderate: php security update

Source: CCN
Type: Full-Disclosure Mailing List, Fri, 20 Nov 2009 14:03:36 +0200
PHP "multipart/form-data" denial of service

Source: FULLDISC
Type: UNKNOWN
20091120 PHP "multipart/form-data" denial of service

Source: SECUNIA
Type: UNKNOWN
37482

Source: CCN
Type: SA37821
PHP Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
37821

Source: SECUNIA
Type: UNKNOWN
40262

Source: CCN
Type: SA41480
HP System Management Homepage Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
41480

Source: CCN
Type: SA41490
HP System Management Homepage Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
41490

Source: CCN
Type: SA47523
F5 FirePass PHP File Upload Denial of Service Vulnerability

Source: CCN
Type: Apple Web site
About the security content of Security Update 2010-002 / Mac OS X v10.6.3

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT4077

Source: CCN
Type: F5 Web site
PHP vulnerability CVE-2009-4017

Source: MISC
Type: UNKNOWN
http://www.acunetix.com/blog/websecuritynews/php-multipartform-data-denial-of-service/

Source: DEBIAN
Type: UNKNOWN
DSA-1940

Source: CCN
Type: GLSA-201001-03
PHP: Multiple vulnerabilities

Source: HP
Type: UNKNOWN
HPSBMA02568

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2009:303

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2009:305

Source: MLIST
Type: Patch
[oss-security] 20091120 CVE request: php 5.3.1 update

Source: MLIST
Type: UNKNOWN
[oss-security] 20091120 Re: CVE request: php 5.3.1 update

Source: CCN
Type: OSVDB ID: 60451
PHP File Upload Crafted multipart/form-data Temporary File Exhaustion Remote DoS

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.php.net/ChangeLog-5.php

Source: CONFIRM
Type: UNKNOWN
http://www.php.net/releases/5_2_12.php

Source: CCN
Type: The PHP Group Web site
PHP 5.3.1 Release Announcement

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.php.net/releases/5_3_1.php

Source: BUGTRAQ
Type: UNKNOWN
20091120 PHP "multipart/form-data" denial of service

Source: CCN
Type: BID-43236
3Com OfficeConnect Gigabit VPN Firewall (3CREVF100-73) Cross Site Scripting Vulnerability

Source: CCN
Type: BID-43269
HP System Management Homepage Unspecified HTTP Response Splitting Vulnerability

Source: CCN
Type: USN-862-1
php5 vulnerabilities

Source: VUPEN
Type: UNKNOWN
ADV-2009-3593

Source: XF
Type: UNKNOWN
php-multipart-formdata-dos(54455)

Source: XF
Type: UNKNOWN
php-multipart-formdata-dos(54455)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10483

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:6667

Source: SUSE
Type: SUSE-SR:2010:005
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:php:php:5.2.11:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.3.0:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:php:php:5.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.1:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.3:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.2:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.4:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.5:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.6:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.7:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.9:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.10:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.11:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:hp:system_management_homepage:6.1:*:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/h:f5:firepass:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:8.04::lts:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:*
  • OR cpe:/a:f5:firepass:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:f5:firepass:6.1.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20094017
    V
    		CVE-2009-4017
    2022-05-20
    oval:org.opensuse.security:def:31707
    P
    		Security update for postgresql10 (Important)
    2021-11-22
    oval:org.opensuse.security:def:31302
    P
    		Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)
    2021-11-19
    oval:org.opensuse.security:def:31658
    P
    		Security update for the Linux Kernel (Important)
    2021-07-22
    oval:org.opensuse.security:def:31224
    P
    		Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)
    2021-07-21
    oval:org.opensuse.security:def:31210
    P
    		Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)
    2021-06-18
    oval:org.opensuse.security:def:42077
    P
    		Security update for curl (Moderate)
    2021-05-26
    oval:org.opensuse.security:def:31150
    P
    		Security update for xorg-x11-server (Important)
    2021-04-14
    oval:org.opensuse.security:def:31746
    P
    		Security update for wavpack (Important)
    2021-03-24
    oval:org.opensuse.security:def:31748
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:31359
    P
    		Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)
    2021-03-17
    oval:org.opensuse.security:def:31356
    P
    		Security update for python (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:35670
    P
    		apache2-mod_php5-5.2.14-0.7.24.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:41931
    P
    		apache2-mod_php5-5.2.6-50.24.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35524
    P
    		apache2-mod_php5-5.2.6-50.24.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:31078
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31139
    P
    		Security update for less (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31804
    P
    		Security update for ant (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25075
    P
    		Security update for tiff (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25652
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:25563
    P
    		Security update for xrdp (Important)
    2020-12-01
    oval:org.opensuse.security:def:32450
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:31768
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:31853
    P
    		Security update for coreutils (Important)
    2020-12-01
    oval:org.opensuse.security:def:25076
    P
    		Security update for cpio (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25705
    P
    		Security update for python3 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25647
    P
    		Security update for freetype2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:32489
    P
    		apache2-mod_php5 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31958
    P
    		Security update for gtk2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31892
    P
    		Security update for expat (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25087
    P
    		Security update for strongswan (Important)
    2020-12-01
    oval:org.opensuse.security:def:25754
    P
    		Security update for flash-player (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25221
    P
    		Security update for sysstat (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25798
    P
    		Security update for flash-player (Critical)
    2020-12-01
    oval:org.opensuse.security:def:32596
    P
    		postgresql on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31914
    P
    		Security update for gd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25151
    P
    		Security update for file-roller (Low)
    2020-12-01
    oval:org.opensuse.security:def:25793
    P
    		Security update for icedtea-web (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25222
    P
    		Security update for java-1_8_0-openjdk (Important)
    2020-12-01
    oval:org.opensuse.security:def:25851
    P
    		Security update for freerdp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31446
    P
    		Security update for popt
    2020-12-01
    oval:org.opensuse.security:def:32635
    P
    		apache2-mod_php5 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31448
    P
    		Security update for postgresql-init (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26489
    P
    		Security update for php7-imagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25279
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:25807
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25233
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25900
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:30992
    P
    		Security update for jakarta-taglibs-standard (Important)
    2020-12-01
    oval:org.opensuse.security:def:31602
    P
    		Security update for tomcat6
    2020-12-01
    oval:org.opensuse.security:def:31505
    P
    		Security update for python27 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26524
    P
    		apache2-mod_php5 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25360
    P
    		Security update for xrdp (Important)
    2020-12-01
    oval:org.opensuse.security:def:25997
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25297
    P
    		Security update for libX11 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25939
    P
    		Security update for gstreamer-0_10-plugins-base (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30993
    P
    		Security update for jasper
    2020-12-01
    oval:org.opensuse.security:def:31592
    P
    		Security update for tiff (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25417
    P
    		Security update for postgresql, postgresql96, postgresql10 and postgresql12 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26635
    P
    		quagga on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25425
    P
    		Security update for bluez (Important)
    2020-12-01
    oval:org.opensuse.security:def:25953
    P
    		Security update for gcc48 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31004
    P
    		Security update for java-1_6_0-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:31138
    P
    		Security update for lcms
    2020-12-01
    oval:org.opensuse.security:def:25501
    P
    		Security update for ghostscript (Important)
    2020-12-01
    oval:org.opensuse.security:def:26670
    P
    		apache2-mod_php5 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25506
    P
    		Security update for openexr (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31812
    P
    		Security update for apache2 (Important)
    2020-12-01
    oval:org.mitre.oval:def:6667
    V
    		HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, Privileged Access, Cross Site Scripting (XSS)
    2015-04-20
    oval:org.mitre.oval:def:13706
    P
    		USN-862-1 -- php5 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:23025
    P
    		ELSA-2010:0040: php security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:21391
    P
    		RHSA-2010:0040: php security update (Moderate)
    2014-02-24
    oval:org.mitre.oval:def:10483
    V
    		PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive.
    2013-04-29
    oval:com.redhat.rhsa:def:20100040
    P
    		RHSA-2010:0040: php security update (Moderate)
    2010-01-13
    BACK
    php php 5.2.11
    php php 5.3.0
    php php 5.2.0
    php php 5.2.1
    php php 5.2.3
    php php 5.2.2
    php php 5.2.4
    php php 5.2.5
    php php 5.2.6
    php php 5.2.7
    php php 5.2.8
    php php 5.2.9
    php php 5.2.10
    php php 5.2.11
    php php 5.3.0
    hp system management homepage 6.0
    hp system management homepage 6.1
    gentoo linux *
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    mandrakesoft mandrake multi network firewall 2.0
    canonical ubuntu 6.06
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 5
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2008.0
    mandrakesoft mandrake linux 2008.0
    f5 firepass 6.0
    canonical ubuntu 8.04
    mandriva linux 2009.0
    mandriva linux 2009.0 -
    apple mac os x server 10.6
    apple mac os x 10.6
    apple mac os x server 10.6.1
    apple mac os x 10.6.1
    apple mac os x server 10.6.2
    apple mac os x 10.6.2
    mandriva enterprise server 5
    mandriva enterprise server 5
    f5 firepass 7.0.0
    f5 firepass 6.1.0