Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

PHP < 5.2.13 / 5.3.x < 5.3.2 Multiple Vulnerabilities

High

Synopsis

The remote web server uses a version of PHP that is affected by multiple vulnerabilities.

Description

According to its banner, the version of PHP installed on the remote host is earlier than 5.3.2 / 5.2.13. Such versions are potentially affected by multiple vulnerabilities :

- A safe_mode validation issue inside 'tempnam()' when the directory path does not end with a '/'.

- A possible open_basedir/safe_mode bypass in the session extension.

Solution

Upgrade to PHP version 5.3.2 / 5.2.13 or later.