The remote host is missing an update to the system as announced in the referenced advisory.

Update your system with the appropriate patches or software upgrades. http://www.php.net/releases/5_2_11.php http://www.vuxml.org/freebsd/437a68cf-b752-11de-b6eb-00e0815b8da8.html

The following package is affected: php5 CVE-2009-3291 The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates. CVE-2009-3292 Unspecified vulnerability in PHP before 5.2.11 has unknown impact and attack vectors related to 'missing sanity checks around exif processing.' CVE-2009-3293 Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect 'sanity check for the color index.'