php.cgi buffer overflow

Risk Level: High

Check or Attack Name: PHPBufferOverflow

Platforms: PHP, Common Gateway Interface (CGI)

Description:

The PHP CGI program (php.cgi) is part of the PHP/FI package written by Rasmus Lerdorf. This program contains a buffer overflow that allows remote attackers to execute arbitrary commands on the web server. Those commands are limited to what can be run under the UID of the user owning the httpd process, usually nobody.

Remedy:

Disable access to the php.cgi executable and upgrade to the latest version of PHP/FI.
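One way to check that the remedy has actually taken effect is to scan the web server's access log for requests that still reach php.cgi. The following script is an added example, not part of the advisory; it assumes Apache common log format, uses constructed sample lines, and the 256-character length threshold is an assumed value, not one the advisory states.

```python
import re
from typing import List, Optional

# Constructed sample lines in Apache common log format; not taken from the advisory.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Oct/1997:10:01:02 -0400] "GET /index.html HTTP/1.0" 200 1043
10.0.0.9 - - [12/Oct/1997:10:01:07 -0400] "GET /cgi-bin/php.cgi/home.html HTTP/1.0" 200 2211
10.0.0.9 - - [12/Oct/1997:10:01:09 -0400] "GET /cgi-bin/php.cgi HTTP/1.0" 403 219
10.0.0.7 - - [12/Oct/1997:10:02:14 -0400] "GET /cgi-bin/other.cgi?x=1 HTTP/1.0" 200 88
"""

LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<size>\S+)$'
)

# Assumed threshold: request targets longer than this against php.cgi get flagged.
MAX_TARGET_LEN = 256


def parse_line(line: str) -> Optional[dict]:
    """Parse one common-log-format line; return None when it does not match."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec


def php_cgi_requests(log_text: str) -> List[dict]:
    """Return every request whose path names php.cgi.

    'served' is True when the server answered 2xx, meaning php.cgi is still
    reachable despite the remedy; 'overlong' marks targets above MAX_TARGET_LEN,
    worth a closer look on a binary known to contain a buffer overflow.
    """
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        path = rec["target"].split("?", 1)[0]
        if "php.cgi" not in path.split("/"):
            continue
        rec["served"] = 200 <= rec["status"] < 300
        rec["overlong"] = len(rec["target"]) > MAX_TARGET_LEN
        findings.append(rec)
    return findings


if __name__ == "__main__":
    for f in php_cgi_requests(SAMPLE_LOG):
        print(f["host"], f["status"], "served" if f["served"] else "blocked", f["target"])
```

Run it against the real access log instead of SAMPLE_LOG; any record with served=True means the executable is still being handed requests and the remedy is incomplete.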

References:

PHP: Hypertext Preprocessor Home Page, PHP Information, http://www.php.net

Network Associates, Inc. Security Advisory #12, PHP/FI command line buffer overflow, http://www.nai.com/nai_labs/asp_set/advisory/12_php_overflow_adv.asp
