This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
A vulnerability was discovered and corrected in acl :
The (1) setfacl and (2) getfacl commands in XFS acl 2.2.47, when
running in recursive (-R) mode, follow symbolic links even when the
--physical (aka -P) or -L option is specified, which might allow local
users to modify the ACL for arbitrary files or directories via a
symlink attack (CVE-2009-4411).
This update provides a fix for this vulnerability.
Update the affected packages.
Risk factor :
Low / CVSS Base Score : 3.7
CVSS Temporal Score : 3.2
Public Exploit Available : true