This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing one or more security
Stefan Esser discovered a remotely exploitable vulnerability in PHP
where a remote attacker could trigger a memory_limit request
termination in places where an interruption is unsafe. This could be
used to execute arbitrary code.
As well, Stefan Esser also found a vulnerability in the handling of
allowed tags within PHP's strip_tags() function. This could lead to a
number of XSS issues on sites that rely on strip_tags()
only seems to affect the Internet Explorer and Safari browsers.
The updated packages have been patched to correct the problem and all
users are encouraged to upgrade immediately.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 6.8
Public Exploit Available : true