PHP remote file read vulnerability

Risk Level: Medium risk vulnerability  Medium

Check or Attack Name: PHPread
Platforms: PHP, Common Gateway Interface (CGI)
Description:

The php.cgi program contains a vulnerability that allows a remote attacker to view the contents of any file accessible to the user who owns the server process. The php.cgi program is part of the PHP/FI package written by Rasmus Lerdorf.
Remedy:

Upgrade to the latest version of PHP/FI, which includes fixes for this security problem.
References:

PHP: Hypertext Preprocessor Home Page, PHP Information, http://www.php.net
X-Force Logo
Know Your Risks