Last week, a PHP-CGI vulnerability was disclosed. The first to report this vulnerability was De Eindbazen, a famous group in the CTF world (haha..). They found this vulnerability while playing Nullcon CTF. The details about this vulnerability:
http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/
This is an example payload captured by Ryan Barnett on his honeypot machine:
http://blog.spiderlabs.com/2012/05/honeypot-alert-active-exploit-attempts-for-php-cgi-vuln.html
You can also read the Proof of Concept from Spiderlabs here:
http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/
This page tells you about mitigation for this vulnerability:
http://www.php-security.net/archives/11-Mitigation-for-CVE-2012-1823-CVE-2012-2311.html
De Eindbazen also wrote some code for the mitigation; you can download it here:
http://eindbazen.net/wp-content/uploads/2012/05/CVE-2012-1823-mitigation.tar.gz
Happy Hacking