According to its banner, the version of PHP 5.x installed on the remote host is older than 5.2.0. Such versions may be affected by several buffer overflows To exploit these issues, an attacker would need the ability to upload an arbitrary PHP script to the remote server, or to be able to manipulate several variables processed by some PHP functions such as htmlentities().
Binary data 4444.prm
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1015
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1549
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2660
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4486
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4625
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4812
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5465
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5706
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7205
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0448
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1381
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1584
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1888
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2844
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5424
www.hardened-php.net/advisory_092006.133.html
www.php.net/releases/5_2_0.php