This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
A vulnerability has been discovered and corrected in mozilla NSS :
Mozilla Network Security Services (NSS) before 3.15.2 does not ensure
that data structures are initialized before read operations, which
allow remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors that trigger a decryption failure
The updated mozilla NSS and NSPR packages have been upgraded to the
latest versions where the CVE-2013-1739 flaw has been fixed in NSS.
The rootcerts packages have been upgraded providing the latest root CA
certs from mozilla as of 2013/04/11.
The sqlite3 packages for mes5 have been upgraded to the 3.7.17 version
to satisfy the requirements for a future upcoming Firefox 24 ESR
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : false