GEN:SID 1:1773
Message WEB-PHP php.exe access
Summary This event is generated when an attempt is made to access the executable file php.exe.
Impact Severe - File execution and File access, due to a configuration error
Detailed Information Apache servers can use the keyword "ScriptAlias" to create virtual folders. This is used to install PHP CGI (ScriptAlias /php/ "c:/php/").
PHP version prior to an including 4.3.0 do not correctly check user input to this file. The executable php.exe can now be used to execute any file (even on different partitions) on the target host.

Affected Systems PHP versions 4.3.0 and prior used on Apache web servers for windows.
Attack Scenarios Read file: http://[targethost]/php/php.exe?c:\filetoread
Execute file: http://[targethost]/php/php.exe?c:\filetoexecute
Ease of Attack Simple
Corrective Action Update PHP to the latest non affected version from www.php.net

If the php.ini configuration file contains the keyword cgi.force_redirect this vulnerability can not be exploited.
Additional References  
Rule References url: www.securitytracker.com/alerts/2002/Jan/1003104.html