This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
A vulnerability was found and corrected in libotr :
Just Ferguson discovered that libotr, an off-the-record (OTR)
messaging library, can be forced to perform zero-length allocations
for heap buffers that are used in base64 decoding routines. An
attacker can exploit this flaw by sending crafted messages to an
application that is using libotr to perform denial of service attacks
or potentially execute arbitrary code (CVE-2012-3461).
The updated packages have been patched to correct this issue.
Update the affected lib64otr-devel, lib64otr2 and / or libotr-utils
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : false