This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
A vulnerability has been discovered and corrected in
easy_install in setuptools before 0.7 uses HTTP to retrieve packages
from the PyPI repository, and does not perform integrity checks on
package contents, which allows man-in-the-middle attackers to execute
arbitrary code via a crafted response to the default use of the
The updated python-setuptools packages has been upgraded to the 0.9.8
version and the python-virtualenv packages has been upgraded to the
1.10.1 version which is not vulnerable to this issue.
Update the affected python-pkg-resources, python-setuptools and / or
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.9
Public Exploit Available : true