This host is running PHP and is prone to multiple vulnerabilities.

Successful exploitation could allow local attackers to bypass certain security restrictions and cause denial of service. Impact Level: Network

Upgrade to PHP version 5.3.1 http://www.php.net/downloads.php

Multiple flaws are due to: - Error in 'proc_open()' function in 'ext/standard/proc_open.c' that does not enforce the 'safe_mode_allowed_env_vars' and 'safe_mode_protected_env_vars' directives, which allows attackers to execute programs with an arbitrary environment via the env parameter. - Error in 'zend_restore_ini_entry_cb()' function in 'zend_ini.c', which allows attackers to obtain sensitive information.

PHP version 5.2.10 and prior. PHP version 5.3.x before 5.3.1

• http://bugs.php.net/bug.php?id=49026
• http://secunia.com/advisories/37482
• http://securityreason.com/achievement_securityalert/65
• http://www.openwall.com/lists/oss-security/2009/11/23/15

---

Updated on 2015-03-25