Amazon Linux AMI : php Multiple Vulnerabilities (ALAS-2012-77)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote Amazon Linux AMI host is missing a security update.

Description :

A flaw was found in the way the php-cgi executable processed command
line arguments when running in CGI mode. A remote attacker could send
a specially crafted request to a PHP script that would result in the
query string being parsed by php-cgi as command line options and
arguments. This could lead to the disclosure of the script's source
code or arbitrary code execution with the privileges of the PHP
interpreter. (CVE-2012-1823)

PHP before 5.3.10 does not properly perform a temporary change to the
magic_quotes_gpc directive during the importing of environment
variables, which makes it easier for remote attackers to conduct SQL
injection attacks via a crafted request, related to
main/php_variables.c, sapi/cgi/cgi_main.c, and
sapi/fpm/fpm/fpm_main.c. (CVE-2012-0831)

Scripts using PHP 5.3 that accept multiple file uploads in a single
request are potentially vulnerable to a directory traversal attack.
(CVE-2012-1172)

See also :

http://www.nessus.org/u?56ac9a9a

Solution :

Run 'yum update php*' to upgrade your system.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
Public Exploit Available : true

Family: Amazon Linux Local Security Checks

Nessus Plugin ID: 69684 ()

Bugtraq ID:

CVE ID: CVE-2012-0831
CVE-2012-1172
CVE-2012-1823