silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,172
- Content source
- https://threatpost.com/php-bug-rce-nginx-servers/149593/
A buffer underflow bug in PHP could allow remote code-execution (RCE) on targeted NGINX servers.
First discovered during a hCorem Capture the Flag competition in September, the bug (CVE-2019-11043) exists in the FastCGI directive used in some PHP implementations on NGINX servers, according to researchers at Wallarm.
PHP powers about 30 percent of modern websites, including popular web platforms like WordPress and Drupal – but NGINX servers are only vulnerable if they have PHP-FPM enabled (a non-default optimization feature that allows servers to execute scripts faster).
The issue is patched in PHP versions 7.3.11, 7.2.24 and 7.1.33, which were released last week.
PHP Bug Allows RCE on NGINX Servers
CVE-2019-11043 is trivial to exploit — and a proof of concept is available.
threatpost.com