This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing one or more security
Richard Kettlewell discovered a buffer overflow vulnerability in the
zlib library's gzprintf() function. This can be used by attackers to
cause a denial of service or possibly even the execution of arbitrary
code. Our thanks to the OpenPKG team for providing a patch which adds
the necessary configure script checks to always use the secure
vsnprintf(3) and snprintf(3) functions, and which additionally adjusts
the code to correctly take into account the return value of
vsnprintf(3) and snprintf(3).
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true