OVAL Reference oval:org.mitre.oval:def:19063

Oval Definition:

oval:org.mitre.oval:def:19063

Revision Date:	2015-04-20	Version:	30
Title:	HP-UX Apache Web Server running PHP, Remote Execution of Arbitrary Code, Privilege Elevation, Denial of Service (DoS)
Description:	sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.
Family:	unix	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2012-1823
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis
Criteria meets HP Security Bulletin HPSBUX02791 HP-UX B.11.11 AND filesets tests hpuxwsAPACHE.APACHE version is less than B.2.0.64.04 OR hpuxwsAPACHE.APACHE2 version is less than B.2.0.64.04 OR hpuxwsAPACHE.AUTH_LDAP version is less than B.2.0.64.04 OR hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.0.64.04 OR hpuxwsAPACHE.MOD_JK version is less than B.2.0.64.04 OR hpuxwsAPACHE.MOD_JK2 version is less than B.2.0.64.04 OR hpuxwsAPACHE.MOD_PERL version is less than B.2.0.64.04 OR hpuxwsAPACHE.MOD_PERL2 version is less than B.2.0.64.04 OR hpuxwsAPACHE.PHP version is less than B.2.0.64.04 OR hpuxwsAPACHE.PHP2 version is less than B.2.0.64.04 OR hpuxwsAPACHE.WEBPROXY version is less than B.2.0.64.04 OR Criteria meets HP Security Bulletin HPSBUX02791 HP-UX B.11.23 AND filesets tests hpuxws22APCH32.APACHE version is less than B.2.2.15.13 OR hpuxws22APCH32.APACHE2 version is less than B.2.2.15.13 OR hpuxws22APCH32.AUTH_LDAP version is less than B.2.2.15.13 OR hpuxws22APCH32.AUTH_LDAP2 version is less than B.2.2.15.13 OR hpuxws22APCH32.MOD_JK version is less than B.2.2.15.13 OR hpuxws22APCH32.MOD_JK2 version is less than B.2.2.15.13 OR hpuxws22APCH32.MOD_PERL version is less than B.2.2.15.13 OR hpuxws22APCH32.MOD_PERL2 version is less than B.2.2.15.13 OR hpuxws22APCH32.PHP version is less than B.2.2.15.13 OR hpuxws22APCH32.PHP2 version is less than B.2.2.15.13 OR hpuxws22APCH32.WEBPROXY version is less than B.2.2.15.13 OR hpuxws22APCH32.WEBPROXY2 version is less than B.2.2.15.13 OR hpuxws22APACHE.APACHE version is less than B.2.2.15.13 OR hpuxws22APACHE.APACHE2 version is less than B.2.2.15.13 OR hpuxws22APACHE.AUTH_LDAP version is less than B.2.2.15.13 OR hpuxws22APACHE.AUTH_LDAP2 version is less than B.2.2.15.13 OR hpuxws22APACHE.MOD_JK version is less than B.2.2.15.13 OR hpuxws22APACHE.MOD_JK2 version is less than B.2.2.15.13 OR hpuxws22APACHE.MOD_PERL version is less than B.2.2.15.13 OR hpuxws22APACHE.MOD_PERL2 version is less than B.2.2.15.13 OR hpuxws22APACHE.PHP version is less than B.2.2.15.13 OR hpuxws22APACHE.PHP2 version is less than B.2.2.15.13 OR hpuxws22APACHE.WEBPROXY version is less than B.2.2.15.13 OR hpuxws22APACHE.WEBPROXY2 version is less than B.2.2.15.13 OR Criteria meets HP Security Bulletin HPSBUX02791 HP-UX B.11.31 AND filesets tests hpuxws22APCH32.APACHE version is less than B.2.2.15.13 OR hpuxws22APCH32.APACHE2 version is less than B.2.2.15.13 OR hpuxws22APCH32.AUTH_LDAP version is less than B.2.2.15.13 OR hpuxws22APCH32.AUTH_LDAP2 version is less than B.2.2.15.13 OR hpuxws22APCH32.MOD_JK version is less than B.2.2.15.13 OR hpuxws22APCH32.MOD_JK2 version is less than B.2.2.15.13 OR hpuxws22APCH32.MOD_PERL version is less than B.2.2.15.13 OR hpuxws22APCH32.MOD_PERL2 version is less than B.2.2.15.13 OR hpuxws22APCH32.PHP version is less than B.2.2.15.13 OR hpuxws22APCH32.PHP2 version is less than B.2.2.15.13 OR hpuxws22APCH32.WEBPROXY version is less than B.2.2.15.13 OR hpuxws22APCH32.WEBPROXY2 version is less than B.2.2.15.13 OR hpuxws22APACHE.APACHE version is less than B.2.2.15.13 OR hpuxws22APACHE.APACHE2 version is less than B.2.2.15.13 OR hpuxws22APACHE.AUTH_LDAP version is less than B.2.2.15.13 OR hpuxws22APACHE.AUTH_LDAP2 version is less than B.2.2.15.13 OR hpuxws22APACHE.MOD_JK version is less than B.2.2.15.13 OR hpuxws22APACHE.MOD_JK2 version is less than B.2.2.15.13 OR hpuxws22APACHE.MOD_PERL version is less than B.2.2.15.13 OR hpuxws22APACHE.MOD_PERL2 version is less than B.2.2.15.13 OR hpuxws22APACHE.PHP version is less than B.2.2.15.13 OR hpuxws22APACHE.PHP2 version is less than B.2.2.15.13 OR hpuxws22APACHE.WEBPROXY version is less than B.2.2.15.13 OR hpuxws22APACHE.WEBPROXY2 version is less than B.2.2.15.13

BACK