GEN:SID 1:824
Message WEB-CGI php.cgi access
Summary A remote user has tried access the php.cgi script. Some versions
of this script can allow access to any file the
server can read.
Impact Information disclosure.
Detailed Information Because of a design problem in this version of PHP/FI, remote users are
able to access any file that the UID of the http process has access to.
The exploit is a simple web request for the file and can be used with
malicious intent.
Affected Systems PHP/FI 2.0
Attack Scenarios An attacker can simply pass a file name to the script
and be able to view the file if the web server has access
to it. This can be used to obtain passwords or other sensitive
information.

Example: http://somewebserver/php.cgi?/path/to/desired/file
Ease of Attack Simple.
Corrective Action Upgrade or remove the file php.cgix
Additional References Arachnids:
http://www.whitehats.com/info/IDS232

Bugraq:
http://www.securityfocus.com/bid/2250

CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0238
Rule References arachnids: 232
bugtraq: 2250
bugtraq: 712
cve: 1999-0238
cve: 1999-058
nessus: 10178