According to its banner, the version of PHP 5.x installed on the remote host is older than 5.2.7. Such versions may be affected by several security issues:
Missing initialization of ‘BG(page_uid)’ and ‘BG(page_gid)’ when PHP is used as an Apache module may allow for bypassing security restrictions due to SAPI ‘php_getuid()’ overloading.
Incorrect ‘php_value’ order for Apache configuration may allow bypassing PHP’s ‘safe_mode’ setting.
File truncation can occur when calling ‘dba_replace()’ with an invalid argument.
The ‘ZipArchive::extractTo()’ method in the ZipArchive extension fails to filter directory traversal sequences from file names.
There is a buffer overflow in the bundled PCRE library fixed by 7.8. (CVE-2008-2371)
A buffer overflow in the ‘imageloadfont()’ function in ‘ext/gd/gd.c’ can be triggered when a specially crafted font is given. (CVE-2008-3658)
There is a buffer overflow in PHP’s internal function ‘memnstr()’, which is exposed to userspace as ‘explode()’. (CVE-2008-3659)
When used as a FastCGI module, PHP segfaults when opening a file whose name contains two dots (e.g., ‘file..php’). (CVE-2008-3660)
Multiple directory traversal vulnerabilities in functions such as ‘posix_access()’, ‘chdir()’, ‘ftok()’ may allow a remote attacker to bypass ‘safe_mode’ restrictions. (CVE-2008-2665 and CVE-2008-2666)
A buffer overflow may be triggered when processing long message headers in ‘php_imap.c’ due to use of an obsolete API call. (CVE-2008-2829)
A buffer overflow exists in the ‘date_from_ISO8601’ function within the file ‘xmlrpc.c’ because user-supplied input is improperly validated. This can be exploited by a remote attacker to cause a denial of service or to execute arbitrary code. (CVE-2014-8626)
archives.neohapsis.com/archives/fulldisclosure/2008-06/0238.html
archives.neohapsis.com/archives/fulldisclosure/2008-06/0239.html
archives.neohapsis.com/archives/fulldisclosure/2008-11/0433.html
archives.neohapsis.com/archives/fulldisclosure/2008-12/0089.html
bugs.php.net/bug.php?id=42862
bugs.php.net/bug.php?id=45151
bugs.php.net/bug.php?id=45722
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2665
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2666
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2829
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3658
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3659
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3660
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5557
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5658
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8626
seclists.org/oss-sec/2014/q4/535
securityreason.com/achievement_securityalert/57
securityreason.com/achievement_securityalert/58
securityreason.com/achievement_securityalert/59
www.openwall.com/lists/oss-security/2008/08/08/2
www.openwall.com/lists/oss-security/2008/08/13/8
www.php.net/ChangeLog-5.php#5.2.7
www.php.net/releases/5_2_7.php
www.sektioneins.de/advisories/SE-2008-06.txt