SynopsisThe remote web server uses a version of PHP that is potentially affected by a permission escalation vulnerability.
DescriptionAccording to its banner, the version of PHP 5.4.x installed on the remote host is a version prior to 5.4.28. It is, therefore, potentially affected by a permission escalation vulnerability.
A flaw exists within the FastCGI Process Manager (FPM) when setting permissions for a Unix socket. This could allow a remote attacker to gain elevated privileges after gaining access to the socket.
Note that this plugin has not attempted to exploit this issue, but instead relied only on PHP's self-reported version number.
SolutionUpgrade to PHP version 5.4.28 or later.