Serendipity Forums

Posted: **Fri May 04, 2012 11:49 am**

http://www.php.net/archive/2012.php#id2012-05-03-1
Servers using Apache mod_cgi (php5-cgi) are affected by a vulnerability in certain CGI-based setups which shows a scripts sourcecode via a GET url.

As there is a official workaround which does not fit enough, you could use this from the heise(de) forum, as long as there aren't strong official PHP patches:

Code: Select all

# ---Code-Schnipsel für eine Apache Config-Datei, Start, v0.3---
# Workaround: PHP vulnerability, CGI based PHP call
# see http://www.php.net/archive/2012.php#id2012-05-03-1
RewriteEngine On
RewriteCond %{QUERY_STRING} "^(%20|\+){0,}(%2d|-)(.*)$" [NC]
RewriteRule (.*) $1?nice=try [L,NC]
# ---Code-Schnipsel für eine Apache Config-Datei, Ende, v0.3---

Posted: **Fri May 04, 2012 3:42 pm**

Timbalu wrote:Servers using Apache mod_cgi (php5-cgi) are affected by a vulnerability in certain CGI-based setups which shows a scripts sourcecode via a GET url.

Also note that FastCGI is usually not affected by this vulnerability, but depending on your hoster's setup, it could be affected. Apparently (I can't explain this better), you can run FastCGI in different ways. My old hoster offered to run it through an AddHandler statement in the user's .htaccess – that way, FastCGI PHP is still vulnerable to this (that's what their support says; I still have some client accounts there).

YL

Posted: **Fri May 04, 2012 4:46 pm**

Update: the patches by php.net do not solve the problem by now.
http://www.php-security.net/archives/11 ... -2311.html
advises this as a hot-fix:

Code: Select all

RewriteEngine on
RewriteCond %{QUERY_STRING} ^[^=]*$
RewriteCond %{QUERY_STRING} %2d|\- [NC]
RewriteRule .? - [F,L]

Serendipity Forums

PHP Security alert

PHP Security alert

Re: PHP Security alert

Re: PHP Security alert