This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
A vulnerability has been found and corrected in php(-cgi) :
PHP-CGI-based setups contain a vulnerability when parsing query string
parameters from php files. A remote unauthenticated attacker could
obtain sensitive information, cause a denial of service condition or
may be able to execute arbitrary code with the privileges of the web
The updated packages have been patched to correct this issue.
It was discovered that the previous fix for the CVE-2012-1823
vulnerability was incomplete (CVE-2012-2335, CVE-2012-2336). The
updated packages provides the latest version (5.3.13) which provides a
solution to this flaw.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 5.9
Public Exploit Available : true