This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing a security update.
Multiple vulnerabilities has been found and corrected in
Cross-site request forgery (CSRF) vulnerability in Transmission 1.5
before 1.53 and 1.6 before 1.61 allows remote attackers to hijack the
authentication of unspecified victims via unknown vectors
Directory traversal vulnerability in libtransmission/metainfo.c in
Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to
overwrite arbitrary files via a .. (dot dot) in a pathname within a
.torrent file (CVE-2010-0012).
The updated packages have been patched to correct these issues.
Update the affected transmission package.
Risk factor :
Medium / CVSS Base Score : 6.8