This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
An integer overflow in liblzo before 2.07 allows attackers to cause a
denial of service or possibly code execution in applications using
performing LZO decompression on a compressed payload from the attacker
The libvncserver library is built with a bundled copy of minilzo,
which is a part of liblzo containing the vulnerable code.
The x11vnc packages is now build against the system libvncserver
library to avoid security issues in the bundled copy.
The icecream packages is built with a bundled copy of minilzo, which
is a part of liblzo containing the vulnerable code.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.1
CVSS Temporal Score : 4.4
Public Exploit Available : false