This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
A vulnerability was discovered and corrected in the Linux 2.6 kernel :
The asn1 implementation in (a) the Linux kernel 2.4 before 188.8.131.52
and 2.6 before 184.108.40.206, as used in the cifs and ip_nat_snmp_basic
modules; and (b) the gxsnmp package; does not properly validate length
values during decoding of ASN.1 BER data, which allows remote
attackers to cause a denial of service (crash) or execute arbitrary
code via (1) a length greater than the working buffer, which can lead
to an unspecified overflow; (2) an oid length of zero, which can lead
to an off-by-one error; or (3) an indefinite length for a primitive
To update your kernel, please follow the directions located at :
Update the affected packages.
Risk factor :
Critical / CVSS Base Score : 10.0