This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Secunia reports :
Some vulnerabilities have been reported in PHP, where some have an
unknown impact and others can potentially be exploited by malicious
people to cause a DoS (Denial of Service) or compromise a vulnerable
An input validation error exists within the 'ZipArchive::extractTo()'
function when extracting ZIP archives. This can be exploited to
extract files to arbitrary locations outside the specified directory
via directory traversal sequences in a specially crafted ZIP archive.
An error in the included PCRE library can be exploited to cause a
The problem is that the 'BG(page_uid)' and 'BG(page_gid)' variables
are not initialized. No further information is currently available.
The problem is that the 'php_value' order is incorrect for Apache
configurations. No further information is currently available.
An error in the GD library can be exploited to cause a crash via a
specially crafted font file.
See also :
Update the affected package.
Risk factor :
High / CVSS Base Score : 7.5
Family: FreeBSD Local Security Checks
Nessus Plugin ID: 35051 (freebsd_pkg_27d01223c45711dda7210030843d3802.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now