There is a vulnerability in certain CGI-based setups (Apache+mod_php and nginx+php-fpm are not affected) that has gone unnoticed for at least 8 years...
read more: http://www.php.net/archive/2012.php#id2012-05-03-1
cereal
1,524
Nearly a Senior Poster
Featured Poster
Recommended Answers
Jump to Post@cereal
Or search for CVE-2012-2311 on google. Anyway, remember this is related only to mod_cgi.
OK, I get it now. Thanks for the link. I got a better understanding what the issue is.
All 3 Replies
LastMitch
@cereal
Vulnerability in PHP CGI
I actually never try this Mod before:
RewriteCond %{QUERY_STRING} ^(%2d|-)[^=]+$ [NC]
RewriteRule ^(.*) $1? [L]
Does it work?
Does solve the Vulnerability in PHP CGI?
cereal
1,524
Nearly a Senior Poster
Featured Poster
Not completely, they posted an update few days later: http://www.php.net/archive/2012.php#id2012-05-06-1
The rewrite rule to test is this:
RewriteCond %{QUERY_STRING} ^[^=]*$
RewriteCond %{QUERY_STRING} %2d|\- [NC]
RewriteRule .? - [F,L]
basically try something like this:
- http://localhost/page.php?-s
- http://localhost/page.php?%2ds
- http://localhost/page.php?+-s
- http://localhost/page.php?%2b%2ds
If you don't get the source of the page then it's reasonably safe. But it is always better to upgrade at least to 5.3.13 or 5.4.3 as suggested by PHP.net advisory. You can find more information and few patch suggestions here:
http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/
Or search for CVE-2012-2311 on google. Anyway, remember this is related only to mod_cgi.
LastMitch
commented:
Thanks for Sharing!
+0
LastMitch
@cereal
Or search for CVE-2012-2311 on google. Anyway, remember this is related only to mod_cgi.
OK, I get it now. Thanks for the link. I got a better understanding what the issue is.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.