WebSTAR contains a flaw that may allow a malicious user to access unauthorized information. The issue is due to WebSTAR's inproper file permission on php.ini within the /cgi-bin or /fcgi-bin directories. This flaw may allow a remote attacker to download the php.ini file and obtain sensitive information of the webserver and database server, resulting in a loss of confidentiality.
Upgrade to version 5.3.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.