This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
Updated zarafa packages fix security vulnerabilities :
Robert Scheck reported that Zarafa's WebAccess stored session
information, including login credentials, on-disk in PHP session
files. This session file would contain a user's username and password
to the Zarafa IMAP server (CVE-2014-0103).
Robert Scheck discovered that the Zarafa Collaboration Platform has
multiple incorrect default permissions (CVE-2014-5447, CVE-2014-5448,
See also :
Update the affected packages.
Risk factor :
Low / CVSS Base Score : 2.1
CVSS Temporal Score : 1.8
Public Exploit Available : false
Family: Mandriva Local Security Checks
Nessus Plugin ID: 77839 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now