This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote Amazon Linux AMI host is missing a security update.
The (1) Zend_Feed_Rss and (2) Zend_Feed_Atom classes in Zend_Feed in
Zend Framework 1.11.x before 1.11.15 and 1.12.x before 1.12.1 allow
remote attackers to read arbitrary files, send HTTP requests to
intranet servers, and possibly cause a denial of service (CPU and
memory consumption) via an XML External Entity (XXE) attack.
See also :
Run 'yum update php-ZendFramework' to update your system.
Risk factor :
Medium / CVSS Base Score : 5.0
Family: Amazon Linux Local Security Checks
Nessus Plugin ID: 69712 ()
CVE ID: CVE-2012-5657