Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2012-0569.NASL
HistoryJan 24, 2013 - 12:00 a.m.

RHEL 5 : php53 (RHSA-2012:0569)

2013-01-2400:00:00
This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
27
JSON

Updated php53 packages that fix one security issue are now available for Red Hat Enterprise Linux 5.6 Extended Update Support.

The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

A flaw was found in the way the php-cgi executable processed command line arguments when running in CGI mode. A remote attacker could send a specially crafted request to a PHP script that would result in the query string being parsed by php-cgi as command line options and arguments. This could lead to the disclosure of the script’s source code or arbitrary code execution with the privileges of the PHP interpreter. (CVE-2012-1823)

Red Hat is aware that a public exploit for this issue is available that allows remote code execution in affected PHP CGI configurations.
This flaw does not affect the default configuration using the PHP module for Apache httpd to handle PHP scripts.

All php53 users should upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2012:0569. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(64036);
  script_version("1.19");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/03/28");

  script_cve_id("CVE-2012-1823");
  script_xref(name:"RHSA", value:"2012:0569");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/04/15");

  script_name(english:"RHEL 5 : php53 (RHSA-2012:0569)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"Updated php53 packages that fix one security issue are now available
for Red Hat Enterprise Linux 5.6 Extended Update Support.

The Red Hat Security Response Team has rated this update as having
critical security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from
the CVE link in the References section.

PHP is an HTML-embedded scripting language commonly used with the
Apache HTTP Server.

A flaw was found in the way the php-cgi executable processed command
line arguments when running in CGI mode. A remote attacker could send
a specially crafted request to a PHP script that would result in the
query string being parsed by php-cgi as command line options and
arguments. This could lead to the disclosure of the script's source
code or arbitrary code execution with the privileges of the PHP
interpreter. (CVE-2012-1823)

Red Hat is aware that a public exploit for this issue is available
that allows remote code execution in affected PHP CGI configurations.
This flaw does not affect the default configuration using the PHP
module for Apache httpd to handle PHP scripts.

All php53 users should upgrade to these updated packages, which
contain a backported patch to resolve this issue. After installing the
updated packages, the httpd daemon must be restarted for the update to
take effect.");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2012:0569");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2012-1823");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-1823");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'PHP CGI Argument Injection');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:"CANVAS");

  script_set_attribute(attribute:"patch_publication_date", value:"2012/05/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/24");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53-bcmath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53-cli");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53-dba");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53-imap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53-intl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53-mbstring");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53-mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53-pdo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53-process");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53-pspell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53-soap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53-xml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53-xmlrpc");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.6");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Red Hat Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = eregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! ereg(pattern:"^5\.6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.6", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2012:0569";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-bcmath-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-bcmath-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-bcmath-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-cli-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-cli-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-cli-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-common-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-common-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-common-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-dba-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-dba-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-dba-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-devel-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-devel-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-devel-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-gd-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-gd-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-gd-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-imap-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-imap-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-imap-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-intl-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-intl-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-intl-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-ldap-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-ldap-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-ldap-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-mbstring-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-mbstring-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-mbstring-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-mysql-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-mysql-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-mysql-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-odbc-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-odbc-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-odbc-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-pdo-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-pdo-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-pdo-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-pgsql-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-pgsql-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-pgsql-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-process-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-process-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-process-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-pspell-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-pspell-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-pspell-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-snmp-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-snmp-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-snmp-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-soap-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-soap-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-soap-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-xml-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-xml-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-xml-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"php53-xmlrpc-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"s390x", reference:"php53-xmlrpc-5.3.3-1.el5_6.2")) flag++;
  if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"php53-xmlrpc-5.3.3-1.el5_6.2")) flag++;

  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php53 / php53-bcmath / php53-cli / php53-common / php53-dba / etc");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxphp53-xmlp-cpe:/a:redhat:enterprise_linux:php53-xml
redhatenterprise_linuxphp53-xmlrpcp-cpe:/a:redhat:enterprise_linux:php53-xmlrpc
redhatenterprise_linux5.6cpe:/o:redhat:enterprise_linux:5.6
redhatenterprise_linuxphp53p-cpe:/a:redhat:enterprise_linux:php53
redhatenterprise_linuxphp53-bcmathp-cpe:/a:redhat:enterprise_linux:php53-bcmath
redhatenterprise_linuxphp53-clip-cpe:/a:redhat:enterprise_linux:php53-cli
redhatenterprise_linuxphp53-commonp-cpe:/a:redhat:enterprise_linux:php53-common
redhatenterprise_linuxphp53-dbap-cpe:/a:redhat:enterprise_linux:php53-dba
redhatenterprise_linuxphp53-develp-cpe:/a:redhat:enterprise_linux:php53-devel
redhatenterprise_linuxphp53-gdp-cpe:/a:redhat:enterprise_linux:php53-gd
Rows per page:
1-10 of 221

Related

symantec 1
nessus 37
thn 4
openvas 58
cert 2
saint 4
centos 3
amazon 1
redhat 6
seebug 7
threatpost 11
attackerkb 2
packetstorm 6
exploitpack 3
cisa_kev 1
veracode 5
oraclelinux 2
zdt 1
canvas 1
cve 4
nuclei 1
metasploit 1
freebsd 2
prion 4
securityvulns 1
exploitdb 5
fedora 14
suse 4
ubuntucve 3
ubuntu 1
debian 1
osv 1
nmap 1
checkpoint_advisories 1
symantec
symantec
PHP 'php-cgi' Information Disclosure Vulnerability
2012-05-04 00:00:00
nessus
nessus
Oracle Linux 5 : php53 (ELSA-2012-0547)
2013-07-12 00:00:00
Oracle Linux 5 / 6 : php (ELSA-2012-0546)
2013-07-12 00:00:00
FreeBSD : php -- vulnerability in certain CGI-based setups (60de13d5-95f0-11e1-806a-001143cd36d8)
2012-05-07 00:00:00
thn
thn
Linux worm targeting Routers, Set-top boxes and Security Cameras with PHP-CGI Vulnerability
2013-11-30 09:08:00
Un-Patched PHP-CGI remote code execution vulnerability can expose Source Codes
2012-05-03 16:55:00
Linux worm targeting Routers, Set-top boxes and Security Cameras with PHP-CGI Vulnerability
2013-11-30 20:08:00
openvas
openvas
RedHat Update for php53 RHSA-2012:0547-01
2012-05-08 00:00:00
Mandriva Update for php MDVSA-2012:068 (php)
2012-08-03 00:00:00
Amazon Linux: Security Advisory (ALAS-2012-77)
2015-09-08 00:00:00
cert
cert
Parallels Plesk Panel phppath/php vulnerability
2013-06-07 00:00:00
PHP-CGI query string parameter vulnerability
2012-05-03 00:00:00
saint
saint
PHP CGI Query String Parameters Command Execution
2012-05-15 00:00:00
PHP CGI Query String Parameters Command Execution
2012-05-15 00:00:00
PHP CGI Query String Parameters Command Execution
2012-05-15 00:00:00
centos
centos
php security update
2012-05-07 21:09:19
php53 security update
2012-05-07 23:01:16
php security update
2012-06-27 20:21:47
amazon
amazon
Critical: php
2012-05-09 14:54:00
redhat
redhat
(RHSA-2012:0569) Critical: php53 security update
2012-05-10 00:00:00
(RHSA-2012:0570) Critical: php security update
2012-05-11 00:00:00
(RHSA-2012:0547) Critical: php53 security update
2012-05-07 00:00:00
seebug
seebug
PHP CGI Argument Injection Exploit
2014-07-01 00:00:00
PHP-CGI Argument Injection Remote Code Execution
2012-12-25 00:00:00
PHP-CGI远程任意代码执行漏洞
2012-05-04 00:00:00
threatpost
threatpost
Apple Fixes Serious Flaws in iOS 5.1.1
2012-05-08 13:49:34
Leaders from China, U.S. Meet, Agree to Rally Against Cyber Threats
2012-05-08 17:24:22
PHP Group Set to Release Another Patch for CVE-2012-1823 Flaw
2012-05-08 14:46:23
attackerkb
attackerkb
CVE-2012-1823
2012-05-11 00:00:00
CVE-2013-4878
2013-07-18 00:00:00
packetstorm
packetstorm
Apache + PHP 5.x Remote Code Execution Python Exploit #2
2013-10-31 00:00:00
Apache / PHP Remote Command Execution
2013-10-29 00:00:00
PHP CGI Injection
2012-05-06 00:00:00
exploitpack
exploitpack
Apache + PHP 5.3.12 5.4.2 - cgi-bin Remote Code Execution
2013-10-29 00:00:00
Plesk 9.5.4 - Remote Command Execution
2013-06-05 00:00:00
PHP 5.3.12 5.4.2 - CGI Argument Injection
2012-05-05 00:00:00
cisa_kev
cisa_kev
PHP-CGI Query String Parameter Vulnerability
2022-03-25 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-01-15 08:51:10
Denial Of Service (DoS)
2019-05-02 04:42:12
Denial Of Service (DoS) Or Directory Traversal
2019-05-02 04:42:12
oraclelinux
oraclelinux
php53 security update
2012-05-07 00:00:00
php security update
2012-05-07 00:00:00
zdt
zdt
Apache Magicka Remote Code Execution Vulnerability
2013-10-31 00:00:00
canvas
canvas
Immunity Canvas: PHP_CGI_REMOTE
2012-05-11 10:15:00
cve
cve
CVE-2012-1823
2012-05-11 10:15:00
CVE-2012-2311
2012-05-11 10:15:00
CVE-2012-2336
2012-05-11 10:15:00
nuclei
nuclei
PHP CGI v5.3.12/5.4.2 Remote Code Execution
2021-07-20 09:32:27
metasploit
metasploit
PHP CGI Argument Injection
2012-05-09 16:01:15
freebsd
freebsd
php -- vulnerability in certain CGI-based setups
2012-05-03 00:00:00
php -- multiple vulnerabilities
2012-05-08 00:00:00
prion
prion
Design/Logic Flaw
2012-05-11 10:15:00
Design/Logic Flaw
2012-05-11 10:15:00
Design/Logic Flaw
2012-05-11 10:15:00
securityvulns
securityvulns
PHP CGI Argument Injection Remote Exploit V0.3 - PHP Version
2012-05-24 00:00:00
exploitdb
exploitdb
Plesk &lt; 9.5.4 - Remote Command Execution
2013-06-05 00:00:00
PHP &lt; 5.3.12 / &lt; 5.4.2 - CGI Argument Injection
2012-05-05 00:00:00
Apache + PHP &lt; 5.3.12 / &lt; 5.4.2 - cgi-bin Remote Code Execution
2013-10-29 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: maniadrive-1.2-32.fc16.5
2012-05-27 01:52:21
[SECURITY] Fedora 16 Update: php-5.3.13-1.fc16
2012-05-27 01:52:21
[SECURITY] Fedora 16 Update: php-eaccelerator-0.9.6.1-9.fc16.5
2012-05-27 01:52:21
suse
suse
update for php5 (critical)
2012-05-07 16:08:55
Security update for PHP5 (critical)
2012-05-09 02:08:18
Security update for PHP5 (critical)
2012-05-09 22:08:16
ubuntucve
ubuntucve
CVE-2012-1823
2012-05-03 00:00:00
CVE-2012-2311
2012-05-04 00:00:00
CVE-2012-2336
2012-05-11 00:00:00
ubuntu
ubuntu
PHP vulnerability
2012-05-04 00:00:00
debian
debian
[SECURITY] [DSA 2465-1] php5 security update
2012-05-09 17:23:53
osv
osv
php5 - several
2012-05-09 00:00:00
nmap
nmap
http-vuln-cve2012-1823 NSE Script
2012-05-08 05:56:04
checkpoint_advisories
checkpoint_advisories
PHP php-cgi Query String Parameter Code Execution (CVE-2012-1823; CVE-2012-2311; CVE-2012-2335; CVE-2012-2336; CVE-2013-4878)
2012-05-14 00:00:00
JSON
Related for REDHAT-RHSA-2012-0569.NASL
symantec1nessus37thn4openvas58cert2saint4centos3amazon1redhat6seebug7threatpost11attackerkb2packetstorm6exploitpack3cisa_kev1veracode5oraclelinux2zdt1canvas1cve4nuclei1metasploit1freebsd2prion4securityvulns1exploitdb5fedora14suse4ubuntucve3ubuntu1debian1osv1nmap1checkpoint_advisories1