This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
It was discovered that the apr_fnmatch() function used an
unconstrained recursion when processing patterns with the '*'
wildcard. An attacker could use this flaw to cause an application
using this function, which also accepted untrusted input as a pattern
for matching (such as an httpd server using the mod_autoindex module),
to exhaust all stack memory or use an excessive amount of CPU time
when performing matching (CVE-2011-0419).
Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
The updated packages have been patched to correct this issue.
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : true