PHP3 Physical Path Disclosure Vulnerability Vulnerability Scan

Vulnerability Scan Summary
Tests for PHP3 Physical Path Disclosure Vulnerability

Detailed Explanation for this Vulnerability Test
PHP3 will reveal the physical path of the
webroot when asked for a non-existent PHP3 file
if it is incorrectly configured. Although printing errors
to the output is useful for debugging applications, this
feature should not be enabled on production servers.

Solution :
In the PHP configuration file change display_errors to 'Off':
display_errors = Off

Reference : http://online.securityfocus.com/archive/1/65078
Reference : http://online.securityfocus.com/archive/101/184240

Threat Level: Low

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051