|
Family: CGI abuses --> Category: infos
php log Vulnerability Scan
Vulnerability Scan Summary Checks for version of PHP
Detailed Explanation for this Vulnerability Test
A version of php which is older than 3.0.17
or than 4.0.3 is running on this host.
If the option 'log_errors' is set to 'On' in php.ini,
then a possible hacker may execute arbitrary code on this host.
Solution : make sure that 'log_errors' is set to 'Off' in your php.ini,
or install the latest version of PHP :
http://www.php.net/do_download.php?download_file=php-4.0.3.tar.gz
or
http://www.php.net/distributions/php-3.0.17.tar.gz
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|