Hi there, That particular plugin has this line in it:
--- According to its banner, the version of PHP installed on the remote host is older than 5.2.6. Such versions may be affected by the following issues : --- RedHat does not update the version in the banner. For accurate detection of these types of issues, I would suggest performing a host-based patch audit. Also, please be advised that the Registered plugin feed is no longer available and as a university, you should switch to the ProfessionalFeed. Ron Gula Tenable Network Security Gisella Linares wrote: > Hi, > I am system administrator of Pontificia Universidad Catolica del Peru. We > use Nessus 3.0.6 for Linux (free version) in our servers. > When we scan a web server with : > - Red Hat 5 (64 bits) > - php-5.1.6-20.el5_2.1 > - Apache: httpd-2.2.3-11.el5_1.3 > > and the nessus report shows some critical vulnerabilities in php and > suggests update the version of php (The attach "output.prueba.20080725" > shows the results). > > After that, we reported this to Red Hat support and they told us that this > scanner has an approach which not checking individual security > vulnerabilities and because of this it can produce some false positives. > Because of this, we want to know if this Nessus version is compatible with > RedHat 5 (64 bits) and we appreciate you can confirm if these results are > false positives or not. > > Thank you very much for your help. > > Regards, > > **************************************** > Gisella Linares Chong > Oficina de Soporte Informatico > Direccion de Informatica - PUCP > Telef: 626-2000 anexo 3378 > http://dirinfo.pucp.edu.pe > **************************************** > > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Nessus mailing list > [email protected] > http://mail.nessus.org/mailman/listinfo/nessus _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
