Attack against PHP-CGI - DoS, Code disclosure and more...

Note: This article was originally published at Planet PHP on 4 May 2012.

There is a new PHP bug that just became public today (leaked accidentally, it seems...). A flaw in the PHP CGI's input sanitization process allows attackers to set command-line options via the query string. This behavior seems to be an oversight / misplaced design decision from 2004 and is only exploitable in specific web servers. Apache is one of them...


This opens interesting opportunities. I have blogged about those here: New Exploit @ php-security.net


By the way, Suhosin partially mitigates one of the easier remote code execution vectors that are opened through this attack.
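For defenders reviewing web server logs, here is an added example (not part of the original post) that flags requests whose query string would reach a CGI binary as command-line options. It relies on the CGI rule in RFC 3875 that a query string with no unencoded "=" is split on "+" and passed as arguments. It assumes combined-format access logs; the function names and log lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Request line of a common/combined-format access log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')


def is_option_style_query(target: str) -> bool:
    """True if the query string would be passed to a CGI program as
    command-line arguments and its first argument looks like an option."""
    _, sep, query = target.partition("?")
    if not sep or not query:
        return False
    # RFC 3875: only a query string WITHOUT an unencoded "=" is treated
    # as a list of command-line arguments. "%3d" does not count as "=".
    if "=" in query:
        return False
    # Arguments are separated by "+" and URL-decoded one by one, so an
    # encoded dash (%2d) must be decoded before the check.
    first_arg = unquote(query.split("+", 1)[0]).lstrip()
    return first_arg.startswith("-")


def suspicious_requests(log_lines):
    """Return the request targets that match the option-style pattern."""
    hits = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if match and is_option_style_query(match.group(1)):
            hits.append(match.group(1))
    return hits


# Constructed sample log lines (documentation IP range, placeholder switch).
SAMPLE_LOG = [
    '192.0.2.10 - - [04/May/2012:10:00:01 +0000] "GET /index.php?id=5 HTTP/1.1" 200 512',
    '192.0.2.11 - - [04/May/2012:10:00:02 +0000] "GET /index.php?-x HTTP/1.1" 200 2048',
    '192.0.2.12 - - [04/May/2012:10:00:03 +0000] "GET /index.php?%2dx+value HTTP/1.1" 200 2048',
    '192.0.2.13 - - [04/May/2012:10:00:04 +0000] "GET /search.php?php+cgi HTTP/1.1" 200 900',
    '192.0.2.14 - - [04/May/2012:10:00:05 +0000] "GET /index.php?page=-1 HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for target in suspicious_requests(SAMPLE_LOG):
        print("option-style query string:", target)
```

The same condition (no "=" in the query string, first argument starting with a dash) can be used as a blocking rule in front of PHP-CGI until the interpreter is patched.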