Lucene search

K
saint
SAINT CorporationSAINT:4757B9E50DEDA6FBFE3C977620C279FB
HistoryMay 15, 2012 - 12:00 a.m.

PHP CGI Query String Parameters Command Execution

2012-05-1500:00:00
SAINT Corporation
download.saintcorporation.com
85

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.975 High

EPSS

Percentile

100.0%

Added: 05/15/2012
CVE: CVE-2012-1823
BID: 53388
OSVDB: 81633

Background

PHP is a widely used general-purpose scripting language that is especially suited for Web development.

Problem

When configured as a CGI script (aka php-cgi), PHP does not properly handle query string parameters which are passed directly to the php-cgi program. This can be exploited to execute arbitrary system commands or disclose the PHP source code.

Resolution

Upgrade PHP to version 5.4.3 or 5.3.13 or higher.

References

<http://secunia.com/advisories/49014&gt;
<http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823&gt;

Limitations

This exploit has been tested against PHP 5.3.10 on Windows XP SP3 and PHP 5.4.0 on Ubuntu 11.10 Linux.

Platforms

Windows
Linux
Mac OS X

How to find holes in your network?

Try incredible fast Vulners Perimeter Scanner and find vulnerabilities and unnecessary ip and ports in network devices inside your network before anyone else.

Try Network Scanner

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.975 High

EPSS

Percentile

100.0%

Related for SAINT:4757B9E50DEDA6FBFE3C977620C279FB