ZenMap: 6.47
PHP version: 5.3.3
Redhat 2.6
[IP ADDRESS]: The server IP address
Verify the PHP-CGI vulnerabilities
1. In order to find and detect any PHP-CGI vulnerabilities, download ZenMap scanner from https://nmap.org/download.html.
2. Type in the command as described below in the ZenMap scanner.
nmap -p 80 --script http-vuln-cve2012-1823 [IP ADDRESS]
3. Or type in the command as described below in the ZenMap scanner.
nmap -p 80 --script http-vuln-cve2012-1823 --script-args uri=/login.php IP [IP ADDRESS]
4. Click on "Scan" button, the scanning process will start. If no vulnerabilities found, no error message will be displayed.
5. If vulnerabilities is found, "Vulnerabilities" warning message will be displayed
Investigation
For Redhat version 2.6, “CVE-2012-1823 - Apache / PHP5.x Remote Code Execution Exploit” vulnerability has been patched in Redhat security patch “RHSA-2012:0546-1”
In order to confirm that the Linux server has been patched properly, run the command below to check
yum list installed > /tmp/yum-list.txt