This script is Copyright (C) 2005-2015 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing one or more security
Rob Holland, of the Gentoo Security Audit Team, discovered that
pam_ldap and nss_ldap would not use TLS for referred connections if
they are referred to a master after connecting to a slave, regardless
of the 'ssl start_tls' setting in ldap.conf.
As well, a bug in nss_ldap in Corporate Server and Mandrake 10.0 has
been fixed that caused crond, and other applications, to crash as a
result of clients receiving a SIGPIPE signal when attempting to issue
a new search request to a directory server that is no longer
The updated packages have been patched to address this issue.
Update the affected nss_ldap and / or pam_ldap packages.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : true