This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
A vulnerability has been found and corrected in apache-mod_security :
ModSecurity before 2.7.3 allows remote attackers to read arbitrary
files, send HTTP requests to intranet servers, or cause a denial of
service (CPU and memory consumption) via an XML external entity
declaration in conjunction with an entity reference, aka an XML
External Entity (XXE) vulnerability (CVE-2013-1915).
The updated packages have been patched to correct this issue.
Update the affected apache-mod_security and / or mlogc packages.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : true