9.8

CVE-2012-1823

Warnung
Exploit
sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PhpPhp Version < 5.3.12
PhpPhp Version >= 5.4.0 < 5.4.2
FedoraprojectFedora Version39
FedoraprojectFedora Version40
DebianDebian Linux Version6.0
HpHp-ux Versionb.11.23
HpHp-ux Versionb.11.31
OpensuseOpensuse Version11.4
OpensuseOpensuse Version12.1
SuseLinux Enterprise Server Version10 Updatesp4 SwEdition-
SuseLinux Enterprise Server Version11 Updatesp2 SwPlatform-
SuseLinux Enterprise Server Version11 Updatesp2 SwPlatformvmware
ApplemacOS X Version >= 10.6.8 < 10.7.5
ApplemacOS X Version >= 10.8.0 < 10.8.2
RedhatApplication Stack Version2.0
RedhatStorage Version2.0
RedhatEnterprise Linux Eus Version5.6
RedhatEnterprise Linux Eus Version6.1
RedhatEnterprise Linux Eus Version6.2

25.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

PHP-CGI Query String Parameter Vulnerability

Schwachstelle

sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 100% 1
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041
Broken Link
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
Third Party Advisory
Mailing List
http://support.apple.com/kb/HT5501
Third Party Advisory
http://marc.info/?l=bugtraq&m=134012830914727&w=2
Mailing List
http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/
Exploit
Broken Link
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html
Third Party Advisory
Mailing List
http://rhn.redhat.com/errata/RHSA-2012-0546.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0547.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0568.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0569.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0570.html
Third Party Advisory
http://secunia.com/advisories/49014
Broken Link
http://secunia.com/advisories/49065
Broken Link
http://secunia.com/advisories/49085
Broken Link
http://secunia.com/advisories/49087
Broken Link
http://www.debian.org/security/2012/dsa-2465
Third Party Advisory
http://www.kb.cert.org/vuls/id/520827
Third Party Advisory
US Government Resource
Exploit
http://www.kb.cert.org/vuls/id/673343
Third Party Advisory
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2012:068
Broken Link
http://www.openwall.com/lists/oss-security/2024/06/07/1
Mailing List
http://www.php.net/ChangeLog-5.php#5.4.2
Patch
Exploit
Release Notes
http://www.php.net/archive/2012.php#id2012-05-03-1
Release Notes
http://www.securitytracker.com/id?1027022
Third Party Advisory
Broken Link
VDB Entry
https://bugs.php.net/bug.php?id=61910
Patch
Exploit
https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff&revision=1335984315&display=1
Patch
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/
Mailing List
Release Notes
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/
Mailing List
Release Notes
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/
Mailing List
Release Notes
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-1823
US Government Resource