This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing a security update.
A vulnerability has been found and corrected in
A race condition was found in the way mod_auth_shadow used an external
helper binary to validate user credentials (username / password
pairs). A remote attacker could use this flaw to bypass intended
access restrictions, resulting in ability to view and potentially
alter resources, which should be otherwise protected by authentication
Packages for 2008.0 are provided for Corporate Desktop 2008.0
The updated packages have been patched to correct this issue.
See also :
Update the affected apache-mod_auth_shadow package.
Risk factor :
Medium / CVSS Base Score : 6.8