You mentioned that on your server, you have this PHP version:
php -v PHP 5.2.4-2ubuntu5.23 with Suhosin-Patch 0.9.6.2 (cli) (built: Feb 11 2012 03:50:23) Copyright (c) 1997-2007 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies
That PHP version isn’t a version included in any supported Ubuntu version though. It appears to be the PHP version included with Ubuntu 8.04, which is no longer supported.
The version output there says that it was built prior to the initial exploit being released. That is, the build date of your PHP version is February 2012, but the exploit came out in May of 2012.
That PHP version would indeed be vulnerable.
If your system there is Ubuntu 8.04 (you can verify that by looking in /etc/issue), you’d want to upgrade to a supported distro.
If that is running a supported distro, but it’s just running an older PHP version – we’d recommend upgrading to a PHP version that’s not vulnerable to that issue.
-Eric