Critical issue is fixed in PHP 5.3.5 and 5.2.17 (32-bit systems)
Posted by Esvon Support on 07 January 2011 05:36 PM
Referring to: http://bugs.php.net/53632
PHP 5.3.5 and 5.2.17 were released quickly to address critical bug discovered on 30/12/2010, looks like the earlier PHP versions on 32-bit systems are vulnerable to simple Denial of Service attack by remote user which will bring your server to its knees (exhaust server's CPU resources).
Solution: install patch or the latest PHP version (we recommend 5.2.17 for compatibility's sake).
As the temporary solution you can use the following mod_security rule:
SecRule QUERY_STRING "\d+e\-\d+" "phase:2,deny,status:403"
to 100% uptime of your websites
The Esvon Team