Synopsis :

Arbitrary commands may be run on the remote server.

Description :

The remote host is running PHP 4.0.5.

There is a flaw in this version of PHP that allows local users to
circumvent the safe mode and to gain the UID of the HTTP process.

Solution :

Upgrade to PHP 4.1.0.

Risk factor :

Medium / CVSS Base Score : 4.6
(CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 3.8
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true