VULHUB ™

A vulnerability has been discovered in the mod_php module available for Apache web servers that may, under some circumstances, leak file descriptor information. By exploiting this vulnerability it may be possible for a remote attacker to reuse file descriptors used by the httpd daemon, effectively taking control of TCP port 80. Exploitation of this issue may allow an attacker to bind a malicious server in place of Apache httpd server. It should be noted that this issue is exploitable only if the 'safe_mode' PHP option is disabled.

A vulnerability has been discovered in the mod_php module available for Apache web servers that may, under some circumstances, leak file descriptor information. By exploiting this vulnerability it may be possible for a remote attacker to reuse file descriptors used by the httpd daemon, effectively taking control of TCP port 80. Exploitation of this issue may allow an attacker to bind a malicious server in place of Apache httpd server. It should be noted that this issue is exploitable only if the 'safe_mode' PHP option is disabled.