This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
PHP-specific version of NULL-byte poisoning was briefly described by
Poison NULL byte vulnerability for perl CGI applications was described
in . ShAnKaR noted, that same vulnerability also affects different
PHP developers report that branch 5.3 received a fix :
Paths with NULL in them (foo\0bar.txt) are now considered as invalid
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.0