PHP MultiPart Form-Data Denial of Service proof of concept

PHP version 5.3.1 was just released. This release contains a patch for a denial of service condition we’ve reported on 27 October 2009. The problem is related with PHP’s handling of RFC 1867 (Form-based File upload in HTML).

Source: http://www.securityfocus.com/archive/1/507982

Exploit already on PacketStorm…