This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.
The configuration of PHP on the remote host allows disclosure of
The PHP install on the remote server is configured in a way that
allows disclosure of potentially sensitive information to an attacker
through a special URL. Such a URL triggers an Easter egg built into
Other such Easter eggs likely exist, but Nessus has not checked for
See also :
In the PHP configuration file, php.ini, set the value for
'expose_php' to 'Off' to disable this behavior. Restart the web
server daemon to put this change into effect.
Risk factor :
Medium / CVSS Base Score : 5.0
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now