| VID |
22674 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
According to its banner, the version of PHP 5.3.x or 5.4.x installed on the remote host is a version prior to 5.3.12 or 5.4.2. The PHP versions are affected by a remote code execution and information disclosure vulnerability. An error in the file 'sapi/cgi/cgi_main.c' can allow a remote attacker to obtain PHP source code from the web server or to potentially execute arbitrary code. In vulnerable configurations, PHP treats certain query string parameters as command line arguments including switches such as '-s', '-d', and '-c'.
* Note: This check solely relied on the version number of the remote PHP to assess this vulnerability, so this might be a false positive.
* References:
http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/
https://bugs.php.net/bug.php?id=61910
http://www.php.net/archive/2012.php#id2012-05-03-1
http://www.php.net/ChangeLog-5.php#5.3.12
http://www.php.net/ChangeLog-5.php#5.4.2
* Platforms Affected:
PHP Prior to 5.3.12
PHP Prior to 5.4.2
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of PHP (5.3.12 or 5.4.2 or later), available from the PHP web site at http://www.php.net/downloads.php |
| Related URL |
CVE-2012-1823 (CVE) |
| Related URL |
53388 (SecurityFocus) |
| Related URL |
(ISS) |
|
