CVE-2012-1823
CRITICAL
9,8
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
HIGH
7,5
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: none
Confidentiality: partial
Integrity: partial
Availability: partial
Description
AI Translation Available
sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,9443
Percentile
1,0th
Updated
EPSS Score Trend (Last 91 Days)
77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
DraftCommon Consequences
Security Scopes Affected:
Integrity
Confidentiality
Availability
Potential Impacts:
Execute Unauthorized Code Or Commands
Applicable Platforms
Technologies:
AI/ML
Exploit
PHP 5.3.12/5.4.2 - CGI Argument Injection (Metasploit)
Verified Metasploit Framework (MSF)PHP 5.3.12/5.4.2 - CGI Argument Injection (Metasploit)
View Exploit Code →
Exploit
PHP < 5.3.12 / < 5.4.2 - CGI …
VerifiedPHP < 5.3.12 / < 5.4.2 - CGI Argument Injection
View Exploit Code →
Exploit
Apache + PHP < 5.3.12 / < 5.4.2 …
VerifiedApache + PHP < 5.3.12 / < 5.4.2 - cgi-bin Remote Code Execution
View Exploit Code →
Exploit
Apache + PHP < 5.3.12 / < 5.4.2 …
Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution + Scanner
View Exploit Code →
Operating System
Debian Linux by Debian
CPE Identifier
View Detailed Analysis
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Hp-Ux by Hp
CPE Identifier
View Detailed Analysis
cpe:2.3:o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux Server Aus by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_server_aus:5.3:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Mac Os X by Apple
Version Range Affected
From
10.8.0
(inclusive)
To
10.8.2
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Php by Php
Version Range Affected
From
5.4.0
(inclusive)
To
5.4.2
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux Eus by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_eus:6.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Enterprise Software Development Kit by Suse
CPE Identifier
View Detailed Analysis
cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Storage by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:a:redhat:storage:2.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux Server by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Gluster Storage Server For On-Premise by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Enterprise Software Development Kit by Suse
CPE Identifier
View Detailed Analysis
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Application Stack by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:a:redhat:application_stack:2.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Enterprise Server by Suse
CPE Identifier
View Detailed Analysis
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux Eus by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_eus:5.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux Server by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Hp-Ux by Hp
CPE Identifier
View Detailed Analysis
cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Php by Php
Version Range Affected
To
5.3.12
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Fedora by Fedoraproject
CPE Identifier
View Detailed Analysis
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux Server Aus by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Mac Os X by Apple
Version Range Affected
From
10.6.8
(inclusive)
To
10.7.5
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux Eus by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_eus:6.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Fedora by Fedoraproject
CPE Identifier
View Detailed Analysis
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux Workstation by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Enterprise Server by Suse
CPE Identifier
View Detailed Analysis
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Enterprise Server by Suse
CPE Identifier
View Detailed Analysis
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Opensuse by Opensuse
CPE Identifier
View Detailed Analysis
cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux Workstation by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Opensuse by Opensuse
CPE Identifier
View Detailed Analysis
cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux Desktop by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Storage For Public Cloud by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:a:redhat:storage_for_public_cloud:2.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012…
http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html
http://marc.info/?l=bugtraq&m=134012830914727&w=2
http://rhn.redhat.com/errata/RHSA-2012-0546.html
http://rhn.redhat.com/errata/RHSA-2012-0547.html
http://rhn.redhat.com/errata/RHSA-2012-0568.html
http://rhn.redhat.com/errata/RHSA-2012-0569.html
http://rhn.redhat.com/errata/RHSA-2012-0570.html
https://bugs.php.net/bug.php?id=61910
https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff&revision=133…
http://secunia.com/advisories/49014
http://secunia.com/advisories/49065
http://secunia.com/advisories/49085
http://secunia.com/advisories/49087
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/[email protected]…
http://support.apple.com/kb/HT5501
http://www.debian.org/security/2012/dsa-2465
http://www.kb.cert.org/vuls/id/520827
http://www.kb.cert.org/vuls/id/673343
http://www.mandriva.com/security/advisories?name=MDVSA-2012:068
http://www.openwall.com/lists/oss-security/2024/06/07/1
http://www.php.net/archive/2012.php#id2012-05-03-1
http://www.php.net/ChangeLog-5.php#5.4.2
http://www.securitytracker.com/id?1027022
http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html
http://marc.info/?l=bugtraq&m=134012830914727&w=2
http://rhn.redhat.com/errata/RHSA-2012-0546.html
http://rhn.redhat.com/errata/RHSA-2012-0547.html
http://rhn.redhat.com/errata/RHSA-2012-0568.html
http://rhn.redhat.com/errata/RHSA-2012-0569.html
http://rhn.redhat.com/errata/RHSA-2012-0570.html
https://bugs.php.net/bug.php?id=61910
https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff&revision=133…
http://secunia.com/advisories/49014
http://secunia.com/advisories/49065
http://secunia.com/advisories/49085
http://secunia.com/advisories/49087
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
http://support.apple.com/kb/HT5501
http://www.debian.org/security/2012/dsa-2465
http://www.kb.cert.org/vuls/id/520827
http://www.kb.cert.org/vuls/id/673343
http://www.mandriva.com/security/advisories?name=MDVSA-2012:068
http://www.openwall.com/lists/oss-security/2024/06/07/1
http://www.php.net/archive/2012.php#id2012-05-03-1
http://www.php.net/ChangeLog-5.php#5.4.2
http://www.securitytracker.com/id?1027022