Lucene search
SAINT CorporationSAINT:A44F3BA5218E70289A3DA48E0A2F5B88HistoryMay 15, 2012 - 12:00 a.m.
PHP CGI Query String Parameters Command Execution
2012-05-1500:00:00
SAINT Corporation
www.saintcorporation.com
63
0.975 High
EPSS
Percentile
100.0%
Added: 05/15/2012
CVE: CVE-2012-1823
BID: 53388
OSVDB: 81633
Background
PHP is a widely used general-purpose scripting language that is especially suited for Web development.
Problem
When configured as a CGI script (aka php-cgi), PHP does not properly handle query string parameters which are passed directly to the php-cgi program. This can be exploited to execute arbitrary system commands or disclose the PHP source code.
Resolution
Upgrade PHP to version 5.4.3 or 5.3.13 or higher.
References
<http://secunia.com/advisories/49014>
<http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823>
Limitations
This exploit has been tested against PHP 5.3.10 on Windows XP SP3 and PHP 5.4.0 on Ubuntu 11.10 Linux.
Platforms
Windows
Linux
Mac OS X
Related
symantec
symantec
PHP 'php-cgi' Information Disclosure Vulnerability
2012-05-04 00:00:00
nessus
nessus
Oracle Linux 5 : php53 (ELSA-2012-0547)
2013-07-12 00:00:00
Oracle Linux 5 / 6 : php (ELSA-2012-0546)
2013-07-12 00:00:00
thn
thn
Linux worm targeting Routers, Set-top boxes and Security Cameras with PHP-CGI Vulnerability
2013-11-30 09:08:00
Linux worm targeting Routers, Set-top boxes and Security Cameras with PHP-CGI Vulnerability
2013-11-30 20:08:00
Linux Worm targets Internet-enabled Home appliances to Mine Cryptocurrencies
2014-03-19 22:26:00
openvas
openvas
RedHat Update for php53 RHSA-2012:0547-01
2012-05-08 00:00:00
Mandriva Update for php MDVSA-2012:068 (php)
2012-08-03 00:00:00
Amazon Linux: Security Advisory (ALAS-2012-77)
2015-09-08 00:00:00
cert
cert
Parallels Plesk Panel phppath/php vulnerability
2013-06-07 00:00:00
PHP-CGI query string parameter vulnerability
2012-05-03 00:00:00
saint
saint
PHP CGI Query String Parameters Command Execution
2012-05-15 00:00:00
PHP CGI Query String Parameters Command Execution
2012-05-15 00:00:00
PHP CGI Query String Parameters Command Execution
2012-05-15 00:00:00
centos
centos
php security update
2012-05-07 21:09:19
php53 security update
2012-05-07 23:01:16
php security update
2012-06-27 20:21:47
amazon
amazon
Critical: php
2012-05-09 14:54:00
redhat
redhat
(RHSA-2012:0569) Critical: php53 security update
2012-05-10 00:00:00
(RHSA-2012:0568) Critical: php security update
2012-05-10 00:00:00
(RHSA-2012:0570) Critical: php security update
2012-05-11 00:00:00
seebug
seebug
PHP CGI Argument Injection Exploit
2014-07-01 00:00:00
PHP-CGI Argument Injection Remote Code Execution
2012-12-25 00:00:00
PHP CGI Argument Injection
2014-07-01 00:00:00
threatpost
threatpost
Apple Fixes Serious Flaws in iOS 5.1.1
2012-05-08 13:49:34
Leaders from China, U.S. Meet, Agree to Rally Against Cyber Threats
2012-05-08 17:24:22
Exploits for Two-Year-Old PHP Security Vulnerability Found
2014-03-19 12:12:20
attackerkb
attackerkb
CVE-2012-1823
2012-05-11 00:00:00
CVE-2013-4878
2013-07-18 00:00:00
packetstorm
packetstorm
Apache + PHP 5.x Remote Code Execution Python Exploit #2
2013-10-31 00:00:00
PHP CGI Argument Injection
2012-05-22 00:00:00
PHP-CGI Argument Injection Remote Code Execution
2012-12-24 00:00:00
exploitpack
exploitpack
Apache + PHP 5.3.12 5.4.2 - cgi-bin Remote Code Execution
2013-10-29 00:00:00
PHP 5.3.12 5.4.2 - CGI Argument Injection
2012-05-05 00:00:00
Plesk 9.5.4 - Remote Command Execution
2013-06-05 00:00:00
cisa_kev
cisa_kev
PHP-CGI Query String Parameter Vulnerability
2022-03-25 00:00:00
metasploit
metasploit
PHP CGI Argument Injection
2012-05-09 16:01:15
freebsd
freebsd
php -- vulnerability in certain CGI-based setups
2012-05-03 00:00:00
php -- multiple vulnerabilities
2012-05-08 00:00:00
oraclelinux
oraclelinux
php security update
2012-05-07 00:00:00
php53 security update
2012-05-07 00:00:00
prion
prion
Design/Logic Flaw
2012-05-11 10:15:00
Design/Logic Flaw
2012-05-11 10:15:00
Design/Logic Flaw
2012-05-11 10:15:00
securityvulns
securityvulns
PHP CGI Argument Injection Remote Exploit V0.3 - PHP Version
2012-05-24 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-01-15 08:51:10
Arbitrary Code Execution
2019-05-02 04:42:12
Denial Of Service (DoS)
2019-05-02 04:42:12
canvas
canvas
Immunity Canvas: PHP_CGI_REMOTE
2012-05-11 10:15:00
zdt
zdt
Apache Magicka Remote Code Execution Vulnerability
2013-10-31 00:00:00
cve
cve
nuclei
nuclei
PHP CGI v5.3.12/5.4.2 Remote Code Execution
2021-07-20 09:32:27
exploitdb
exploitdb
Plesk < 9.5.4 - Remote Command Execution
2013-06-05 00:00:00
PHP < 5.3.12 / < 5.4.2 - CGI Argument Injection
2012-05-05 00:00:00
Apache + PHP < 5.3.12 / < 5.4.2 - cgi-bin Remote Code Execution
2013-10-29 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: maniadrive-1.2-32.fc16.5
2012-05-27 01:52:21
[SECURITY] Fedora 15 Update: php-5.3.13-1.fc15
2012-05-27 07:21:55
[SECURITY] Fedora 15 Update: php-eaccelerator-0.9.6.1-9.fc15.5
2012-05-27 07:21:55
suse
suse
update for php5 (critical)
2012-05-07 16:08:55
Security update for PHP5 (critical)
2012-05-09 02:08:18
Security update for PHP5 (critical)
2012-05-09 22:08:16
ubuntucve
ubuntucve
ubuntu
ubuntu
PHP vulnerability
2012-05-04 00:00:00
debian
debian
[SECURITY] [DSA 2465-1] php5 security update
2012-05-09 17:23:53
nmap
nmap
http-vuln-cve2012-1823 NSE Script
2012-05-08 05:56:04
osv
osv
php5 - several
2012-05-09 00:00:00
checkpoint_advisories
checkpoint_advisories