SANS Penetration Testing: Daily Archives: Jun 04, 2012

Tips for Pen Testers on Exploiting the PHP Remote Execution Vulnerability

[Editor's Note: A couple of weeks ago, there was some hubbub about a vulnerability in PHP that allowed for remote system compromise, as described in CVE-2012-1823. Bad guys are exploiting this in the wild now, as reported by the Internet Storm Center here. Jose Selvi wrote a brief article summarizing the type of issue we're … Continue reading Tips for Pen Testers on Exploiting the PHP Remote Execution Vulnerability