News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

PHP-Security.net:
New PHP-CGI Exploit (CVE-2012-1823)
May 04, 2012 @ 08:24:44

The PHP-Security.net site has two posts related to the recently discovered bug in PHP (hence the new versions) related to the CGI handling in certain server configurations.

In the first they detail more of what the bug is, how it could be exploited and link to the original advisory for the problem. Also included are more details on the issue, including sample avenues of attack.

In the second post they look at the recent PHP release and note that it does not completely rid the language of the problem. They point out that the Rewrite rule that's included in their post (not the one on PHP.net) should be used to prevent this issue from effecting your installations.

0 comments voice your opinion now!
exploit cgi release security rewrite rule modrewrite


blog comments powered by Disqus

Similar Posts

PHP-Code.net: Securing PHP Apps Part III Securing PHP on the server/Securing MySQL & Apache

Henrik Bjørnskov' Blog: Symfony2: Quick tip for your security configuration

Sebastian Bergmann's Blog: PHPUnit 3.1.0 (Release Announcement)

Community News: phpDocumentor-13.0RC6 Released

PHP.net: PHP 5.2.16 Released (End of Support for 5.2.x Series)


Community Events

Don't see your event here?
Let us know!


php7 version interview community framework language introduction release library wordpress podcast laravel5 laravel list unittest series api opinion extension voicesoftheelephpant

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework