This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
Updated subversion package fixes security vulnerability :
svnserve takes a --pid-file option which creates a file containing the
process id it is running as. It does not take steps to ensure that the
file it has been directed at is not a symlink. If the pid file is in a
directory writeable by unprivileged users, the destination could be
replaced by a symlink allowing for privilege escalation. svnserve does
not create a pid file by default (CVE-2013-4277).
See also :
Update the affected packages.
Risk factor :
Low / CVSS Base Score : 3.3
CVSS Temporal Score : 2.9
Public Exploit Available : true