This class seems to assume everyone runs completely unpatched versions of PHP which rarely ever happens. The class doesn't actually test for any vulnerabilities just the version numbers that originally had vulnerabilities. Most distributions keep PHP pretty well patched up from security holes as they appear without forcing a new PHP version on the person. Because of this, this class will report tons of false positives. Unless you are running a stock unpatched PHP this class isn't for you.
Artur Graniszewski - 2012-10-08 20:59:06 - In reply to message 1 from Joe Huss
First of all, this is just a basic security test, not an advanced tool. Please keep in mind that in the current version I do not check the existance of suhosin module or SELinux mode. As far as I'm aware most of these vulnerabilities are NOT fixed by specific distros, but by suhosin module only.
I prefer the "better safe than sorry" approach and show some false positives (which can be manually filtered out by reading bug descriptions reported in links created by my class) rather than showing "you're secure".
Please. remember that this is not a tool like metasploit and I'm not trying to create one:) This application should be treated rather as a security lesson, that increases the security awareness among PHP developers and LAMP administrators.