This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
US-CERT/NIST reports :
The _zip_name_locate function in zip_name_locate.c in the Zip
extension in PHP before 5.3.6 does not properly handle a
ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent
attackers to cause a denial of service (application crash) via an
empty ZIP archive that is processed with a (1) locateName or (2)
See also :
Update the affected package.
Risk factor :
Medium / CVSS Base Score : 4.3