?
Solved

PHP php-cgi Query String Parameter Parsing Exploit Attempt

Posted on 2014-10-29
1
Medium Priority
?
507 Views
Last Modified: 2014-11-25
I currently have a Web/FTP server that is running Windows 2008R2 standard that is getting monitored for ISP traffic and currently they are seeing

'50744 VID43969 PHP php-cgi Query String Parameter Parsing Exploit Attempt Inbound (CVE-2012-1823)' they are saying that one or more external hosts are attempting to discover whether one of your Internet-facing devices is vulnerable to either the PHP-CGI argument injection (CVE-2012-1823) or the PHP-CGI improper handling of query strings (CVE-2012-2311) vulnerabilities. Successful exploitation of these vulnerabilities may result in information disclosure or remote code execution.
I am not sure what this means and how to protect the system.
0
Comment
Question by:ahmad1467
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 111

Accepted Solution

by:
Ray Paseur earned 2000 total points
ID: 40411498
These vulnerabilties are quite old.  Some background, so you can make your own tests:
http://www.cvedetails.com/cve/CVE-2012-1823
http://www.cvedetails.com/cve/CVE-2012-2311

At current levels of PHP there appears to be little risk:
http://www.cvedetails.com/vulnerability-list/vendor_id-74/product_id-128/version_id-125891/PHP-PHP-5.4.2.html
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

These days socially coordinated efforts have turned into a critical requirement for enterprises.
This article discusses four methods for overlaying images in a container on a web page
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question