This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing one or more security
Stefan Esser discovered a remotely exploitable vulnerability in PHP
where a remote attacker could trigger a memory_limit request
termination in places where an interruption is unsafe. This could be
used to execute arbitrary code.
As well, Stefan Esser also found a vulnerability in the handling of
allowed tags within PHP's strip_tags() function. This could lead to a
number of XSS issues on sites that rely on strip_tags(); however, this
only seems to affect the Internet Explorer and Safari browsers.
The updated packages have been patched to correct the problem and all
users are encouraged to upgrade immediately.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 6.8
Public Exploit Available : true