FreeBSD : suphp -- multiple local privilege escalation vulnerabilities (fb672330-02db-11dd-bd06-0017319806e7)
Medium Nessus Plugin ID 31833
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionMultiple local privilege escalation are found in the symlink verification code. An attacker may use it to run a PHP script with the victim's privilege. This attack is a little harder when suphp operates in paranoid mode. For suphp that runs in owner mode which is the default in ports, immediate upgrade to latest version is advised.
SolutionUpdate the affected package.