This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
A vulnerability has been identified and fixed in php :
The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the
__autoload function, which makes it easier for remote attackers to
execute arbitrary code by providing a crafted URL and leveraging
potentially unsafe behavior in certain PEAR packages and custom
The php-ini-5.3.8 package was missing with the MDVSA-2011:165 advisory
and is now being provided, the php-timezonedb package was upgraded to
the latest version (2011.14) for 2011.
The updated packages have been patched to correct this issue.
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true