This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote Amazon Linux AMI host is missing a security update.
A denial of service flaw was found in the way the File Information
(fileinfo) extension handled indirect rules. A remote attacker could
use this flaw to cause a PHP application using fileinfo to crash or
consume an excessive amount of CPU.
The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does
not check return values, which allows remote attackers to cause a
denial of service (application crash) or possibly have unspecified
other impact via invalid imagecrop arguments that lead to use of a
NULL pointer as a return value, a different vulnerability than
See also :
Run 'yum update php55' to update your system.
Risk factor :
Medium / CVSS Base Score : 6.8