The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6757-2 advisory. USN-6757-1 fixed vulnerabilities in PHP. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. This update fixes the problem. Original advisory details: It was discovered that PHP incorrectly handled PHP_CLI_SERVER_WORKERS variable. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-4900) It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to cookie by pass. (CVE-2024-2756) It was discovered that PHP incorrectly handled some passwords. An attacker could possibly use this issue to cause an account takeover attack. (CVE-2024-3096) Tenable has extracted the preceding description block directly from the Ubuntu security advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version…Read More