The remote Debian host is missing a security-related update.
Multiple vulnerabilities have been discovered in the PHP language : - CVE-2015-2305 Guido Vranken discovered a heap overflow in the ereg extension (only applicable to 32 bit systems). - CVE-2014-9705 Buffer overflow in the enchant extension. - CVE-2015-0231 Stefan Esser discovered a use-after-free in the unserialisation of objects. - CVE-2015-0232 Alex Eubanks discovered incorrect memory management in the exif extension. - CVE-2015-0273 Use-after-free in the unserialisation of DateTimeZone.
Upgrade the php5 packages. For the stable distribution (wheezy), these problems have been fixed in version 5.4.38-0+deb7u1. For the upcoming stable distribution (jessie), these problems have been fixed in version 5.6.6+dfsg-2.