Solved

PHP php-cgi Query String Parameter Parsing Exploit Attempt

Posted on 2014-10-29
1
471 Views
Last Modified: 2014-11-25
I currently have a Web/FTP server that is running Windows 2008R2 standard that is getting monitored for ISP traffic and currently they are seeing

'50744 VID43969 PHP php-cgi Query String Parameter Parsing Exploit Attempt Inbound (CVE-2012-1823)' they are saying that one or more external hosts are attempting to discover whether one of your Internet-facing devices is vulnerable to either the PHP-CGI argument injection (CVE-2012-1823) or the PHP-CGI improper handling of query strings (CVE-2012-2311) vulnerabilities. Successful exploitation of these vulnerabilities may result in information disclosure or remote code execution.
I am not sure what this means and how to protect the system.
0
Comment
Question by:ahmad1467
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 110

Accepted Solution

by:
Ray Paseur earned 500 total points
ID: 40411498
These vulnerabilties are quite old.  Some background, so you can make your own tests:
http://www.cvedetails.com/cve/CVE-2012-1823
http://www.cvedetails.com/cve/CVE-2012-2311

At current levels of PHP there appears to be little risk:
http://www.cvedetails.com/vulnerability-list/vendor_id-74/product_id-128/version_id-125891/PHP-PHP-5.4.2.html
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: kevp75
Hey folks, 'bout time for me to come around with a little tip. Thanks to IIS 7.5 Extensions and Microsoft (well... really Windows 8, and IIS 8 I guess...), we can now prime our Application Pools, when IIS starts. Now, though it would be nice t…
When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to count occurrences of each item in an array.

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question