HTTP: PHP 'php-cgi' Command Line Attribute Remote Code Execution
This signature detects attempts to exploit a known flaw in the PHP Common Gateway Interface (PHP-CGI). A successful attack could result in arbitrary code execution with the permissions of the web server process. This issue is currently being actively exploited in the wild by malicious users. Patches are available.
Extended Description
PHP is prone to an information-disclosure vulnerability. Exploiting this issue allows remote attackers to view the source code of files in the context of the server process. This may allow the attacker to obtain sensitive information and to run arbitrary PHP code on the affected computer; other attacks are also possible.
Affected Products
Avaya aura_messaging
Short Name
HTTP:PHP:PHP-CGI-CMD-LINE-RCE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
'php-cgi' Attribute CVE-2012-1823 CVE-2012-2311 Code Command Execution Line PHP Remote bid:53388
Release Date
05/09/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Red_hat
Suse
Hp
Turbolinux
Avaya
Mandriva
Ubuntu
Oracle
Php
Debian
CVSS Score
7.5