This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote Amazon Linux AMI host is missing a security update.
The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP
before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not
properly parse (1) notBefore and (2) notAfter timestamps in X.509
certificates, which allows remote attackers to execute arbitrary code
or cause a denial of service (memory corruption) via a crafted
certificate that is not properly handled by the openssl_x509_parse
See also :
Run 'yum update php' to update your system.
Risk factor :
High / CVSS Base Score : 7.5
Family: Amazon Linux Local Security Checks
Nessus Plugin ID: 71574 ()
CVE ID: CVE-2013-6420