Apache And Nginx PHP Websites Denial Of Service Vulnerability
Severity: CRITICAL
Advisory Date: JUL 21, 2015
DESCRIPTION
A denial of service vulnerability exists in PHP running with Apache and NGINX systems (PHP-FPM and PHP-CGI). The attacker can flood a Linux web server's CPU and RAM using standard HTTP requests. The vulnerability effects Apache or NGINX web servers that handle dynamic PHP content using either PHP-CGI or PHP-FPM (which includes WordPress websites). In addition, web server configurations will continue to keep the server's resources in use far past the end of the attack.
TREND MICRO PROTECTION INFORMATION
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1006049