Welcome to WebmasterWorld Guest from 54.144.107.83

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

Critical security issue in PHP

when used in CGI - based setup

     
7:08 am on May 4, 2012 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:May 8, 2003
posts:1141
votes: 0


[kb.cert.org...]

When PHP is used in a CGI-based setup (such as Apache's mod_cgid), the php-cgi receives a processed query string parameter as command line arguments which allows command-line switches, such as -s, -d or -c to be passed to the php-cgi binary, which can be exploited to disclose source code and obtain arbitrary code execution.

An example of the -s command, allowing an attacker to view the source code of index.php is below:

http://localhost/index.php?-s



Ouch. According to the PHP website, this has been around for the last eight years.

PHP has released versions PHP 5.3.12 and PHP 5.4.2, as well as an official mod_rewrite based workaround:

[php.net...]
1:20 pm on May 31, 2012 (gmt 0)

Administrator

WebmasterWorld Administrator coopster is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:July 31, 2003
posts:12533
votes: 0


And PHP 5.4.3 was also released on May 8. Anybody know the percentage of CGI versus mod_php installations?
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members