This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
A vulnerability has been discovered and corrected in apache :
The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when
used with mod_proxy_balancer in certain configurations, allows remote
attackers to cause a denial of service (temporary error state in the
backend server) via a malformed HTTP request (CVE-2011-3348).
The fix for CVE-2011-3192 provided by the MDVSA-2011:130 advisory
introduced regressions in the way httpd handled certain Range HTTP
The updated packages have been patched to correct these issues.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : true