This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing a security update.
Updated perl-HTTP-Body package fixes security vulnerability :
Jonathan Dolle reported a design error in HTTP::Body, a Perl module
for processing data from HTTP POST requests. The HTTP body multipart
parser creates temporary files which preserve the suffix of the
uploaded file. An attacker able to upload files to a service that uses
HTTP::Body::Multipart could potentially execute commands on the server
if these temporary filenames are used in subsequent commands without
further checks (CVE-2013-4407).
See also :
Update the affected perl-HTTP-Body package.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.9
Public Exploit Available : true