This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote Amazon Linux AMI host is missing a security update.
A flaw was found in the way the php-cgi executable processed command
line arguments when running in CGI mode. A remote attacker could send
a specially crafted request to a PHP script that would result in the
query string being parsed by php-cgi as command line options and
arguments. This could lead to the disclosure of the script's source
code or arbitrary code execution with the privileges of the PHP
See also :
Run 'yum update php' to update your system.
Risk factor :
High / CVSS Base Score : 7.5
Public Exploit Available : true
Family: Amazon Linux Local Security Checks
Nessus Plugin ID: 69684 ()
CVE ID: CVE-2012-1823