This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
Updated x2goserver package fixes security vulnerability :
A vulnerability in x2goserver before 18.104.22.168 in the setgid wrapper
x2gosqlitewrapper.c, which does not hardcode an internal path to
x2gosqlitewrapper.pl, allowing a remote attacker to change that path.
A remote attacker may be able to execute arbitrary code with the
privileges of the user running the server process (CVE-2013-4376).
A vulnerability in x2goserver before 22.214.171.124 in x2gocleansessions has
also been fixed.
See also :
Update the affected x2goserver, x2goserver-postgresql and / or
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : false