This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing a security update.
A vulnerability was discovered and fixed in php-suhosin :
crypt_blowfish before 1.1, as used in suhosin does not properly handle
8-bit characters, which makes it easier for context-dependent
attackers to determine a cleartext password by leveraging knowledge of
a password hash (CVE-2011-2483).
The updated packages have been patched to correct this issue.
Update the affected php-suhosin package.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : false