This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing one or more security
A vulnerability in xpcd-svga, part of xpcd, was discovered by Jaguar.
xpcd-svga uses svgalib to display graphics on the console and it would
copy user-supplied data of an arbitrary length into a fixed-size
buffer in the pcd_open function.
As well, Steve Kemp previously discovered a buffer overflow in
xpcd-svga that could be triggered by a long HOME environment variable,
which could be exploited by a local attacker to obtain root
The updated packages resolve these vulnerabilities.
Update the affected xpcd and / or xpcd-gimp packages.
Risk factor :
High / CVSS Base Score : 7.2