PHP expose_php Information Disclosure

medium Nessus Plugin ID 46803

Synopsis

The configuration of PHP on the remote host allows disclosure of sensitive information.

Description

The PHP install on the remote server is configured in a way that allows disclosure of potentially sensitive information to an attacker through a special URL. Such a URL triggers an Easter egg built into PHP itself.

Other such Easter eggs likely exist, but Nessus has not checked for them.

Solution

In the PHP configuration file, php.ini, set the value for 'expose_php' to 'Off' to disable this behavior. Restart the web server daemon to put this change into effect.

See Also

https://www.0php.com/php_easter_egg.php

https://seclists.org/webappsec/2004/q4/324

Plugin Details

Severity: Medium

ID: 46803

File Name: php_expose_php.nasl

Version: 1.8

Type: remote

Family: Web Servers

Published: 6/3/2010

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/a:php:php

Required KB Items: www/PHP

Excluded KB Items: Settings/disable_cgi_scanning

Exploited by Nessus: true

Vulnerability Publication Date: 11/28/2004