This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing a security update.
A vulnerability has been found and corrected in tomboy :
The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy 1.5.2 and
earlier place a zero-length directory name in the LD_LIBRARY_PATH,
which allows local users to gain privileges via a Trojan horse shared
library in the current working directory. NOTE: vector 1 exists
because of an incorrect fix for CVE-2005-4790.2 (CVE-2010-4005).
The updated packages have been patched to correct this issue.
Update the affected tomboy package.
Risk factor :
Medium / CVSS Base Score : 6.9
CVSS Temporal Score : 6.0
Public Exploit Available : true