This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
Multiple vulnerabilities has been found and corrected in apache (ASF
Insecure handling of LD_LIBRARY_PATH was found that could lead to the
current working directory to be searched for DSOs. This could allow a
local user to execute code as root if an administrator runs apachectl
from an untrusted directory (CVE-2012-0883).
Possible XSS for sites which use mod_negotiation and allow untrusted
uploads to locations which have MultiViews enabled (CVE-2012-2687).
The updated packages have been upgraded to the latest 2.2.23 version
which is not vulnerable to these issues.
Packages for Mandriva Linux 2011 is also being provided.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 6.9
CVSS Temporal Score : 6.0
Public Exploit Available : true