This script is Copyright (C) 2007-2013 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing a security update.
Buffer overflow in the safer_name_suffix function in GNU cpio has
unspecified attack vectors and impact, resulting in a crashing stack.
This problem is originally found in tar, but affects cpio too, due to
similar code fragments. (CVE-2007-4476)
Directory traversal vulnerability in cpio 2.6 and earlier allows
remote attackers to write to arbitrary directories via a .. (dot dot)
in a cpio file. This is an old issue, affecting only Mandriva
Corporate Server 4 and Mandriva Linux 2007. (CVE-2005-1229)
Updated package fixes these issues.
Update the affected cpio package.
Risk factor :
High / CVSS Base Score : 7.5