This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing one or more security
A memory starvation denial of service vulnerability in the ls program
was discovered by Georgi Guninski. It is possible to allocate a huge
amount of memory by specifying certain command-line arguments. It is
also possible to exploit this remotely via programs that call ls such
as wu-ftpd (although wu-ftpd is no longer shipped with Mandrake
Likewise, a non-exploitable integer overflow problem was discovered in
ls, which can be used to crash ls by specifying certain command-line
arguments. This can also be triggered via remotely accessible services
such as wu-ftpd.
The provided packages include a patched ls to fix these problems.
Update the affected coreutils, coreutils-doc and / or fileutils
Risk factor :
Medium / CVSS Base Score : 5.0