This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
The remote Amazon Linux AMI host is missing a security update.
A denial of service flaw was found in the way the File Information
(fileinfo) extension handled indirect rules. A remote attacker could
use this flaw to cause a PHP application using fileinfo to crash or
consume an excessive amount of CPU.
The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does
not check return values, which allows remote attackers to cause a
denial of service (application crash) or possibly have unspecified
other impact via invalid imagecrop arguments that lead to use of a
NULL pointer as a return value, a different vulnerability than
See also :
Run 'yum update php55' to update your system.
Risk factor :
Medium / CVSS Base Score : 6.8
Family: Amazon Linux Local Security Checks
Nessus Plugin ID: 73233 ()
CVE ID: CVE-2013-7327CVE-2014-1943CVE-2014-2270
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.