Apache / PHP 5.x Remote Code Execution

Posted: 2015-12-12 by Admin
We currently register more attacks on our honeypot system that want to exploit a specific vulnerability in Apache and PHP. This vulnerability is a remote code execution vulnerability that allows attackers to install a shell on the attacked servers. Here you can learn more about this vulnerability: CVE-2012-1823 This vulnerability is known since last year and fixed for some time, but it seems as if there are still vulnerable server on the Internet. Here a example of how such an attack in the log file might look like:
We would like to point out that you check your versions of the vulnerable programs and optionally perform an update.